Got Mail-in-a-Box succesfully installed following your provided guide and works excellent… Thanks for that!
Now I wish Install Mail-in-a-Box + OpenVPN inside the same CLOUD server…
I would like to install inside the same server an OpenVPN tunnel to punctually secure Internet browsing as described in this tutorial: How To Set Up an OpenVPN Server on Ubuntu 14.04 and I need to know if I must foreseen incompatibilities between both packages and/or if OpenVPN installation could overwrite something over the Mail-in-a-Box installation that installed alone works well.
TIA for attention & quick feedback,
It should be fine, but it voids your warranty, so to speak.
Understood! Thanks for feedback… Done installation of OpenVPN as described in mentioned tutorial right after having Mail-in-a-Box well working and both (Mail-in-a-Box & OpenVPN) work perfectly being installed inside same cloud server.
-Confirmed there’re no files in conflict between both packages just some additional Firewall rules (like open an additional UDP port) must be allowed.
Hope may help others, too
I have use the script from this page and I can report it appears to work without issue.
just installed it, worked smoothly…
I’ve actually had a different experience with this. I was running some variant of Nyr’s GitHub - angristan/openvpn-install: Set up your own OpenVPN server on Debian, Ubuntu, Fedora, CentOS or Arch Linux. which is a bit more modernized.
Please, share in detail your told ‘different experience you had’ here. thanks in advance.
The issue with that script you used was it reset your DNS settings and server (As seen in option 1 of the script). Just apt-get install’ing openvpn, configuring the server by hand, and then opening up port 1194 in ufw works perfectly fine.
Turns out the problem was UFW blocking the non standard port that I’d set for openvpn. I ended up just turning UFW off because it would just destroy my browsing experience using this VPS. Although I’m wondering how much of a security decrease it is to do this.
I’d enable it. It won’t hinder browsing experience as it’s configured to allow all outbound connections, but deny most incoming.
“ufw allow 1234”
The problem is it’s not really about the browsing experience that I’m having trouble with my LittleSnitch firewall on my local has an insane number of rules on varying ports to accommodate for what my computer needs access to. Only allowing a handful of ports reduces convenience which is what I’m trying to avoid. But this may be getting vastly off topic.
You know you can safely allow all outbound ports on your firewall, right?
I suppose that makes sense do you know the ufw rule for that? Generally I take a whitelist approach to everything.
by default UFW allows all outbound traffic, but I believe it would be:
ufw default allow outgoing
Then remove all your outbound rules (or comment them out in the ufw rule file under /etc/ufw)
So long as you keep your computers / servers clean of malware, all outbound traffic is OK to send out (since it’s already coming from a trusted source).
Blocking all inbound traffic, and only allowing certain ports (e.g. 80,443,993,etc) is the only thing you should really do UNLESS you need to block outbound traffic due to company policy, laws, etc.
It was just basically that I didn’t notice that MIAB came with UFW enabled. Everything else was fine. I just magically couldn’t connect to my non standard port configuration that I had setup so that I could bypass certain restrictions at certain public wifi’s that block OpenVPN by default.
ufw allow PortNumber on the MIAB server will solve your problems (also if MIAB is behind another firewall, allow the port there too of course)