The connection to our MyCrypNet service is made using the OpenVPN free solution. Its protocol allows the customization of many parameters, to adapt to all situations of use. It is possible to use the default configuration offered on each tutorial page, or the performance-oriented configuration proposed in the article “MyCrypNet: use alternative configurations“. But it is also possible to create a more customized configuration.
The suggested configuration parameters
To talk to each other, two devices must know their respective addresses, but also agree on the protocol and the specific port used. There are 2 common transport protocols (TCP and UDP), as well as about 65000 possible ports per address and per protocol.
Our default configuration uses port number 443 with the TCP transport protocol. It is exactly the same pair of parameters as for the web pages accessible in HTTPS, the encrypted protocol of access to Internet websites.
In our performance-oriented configuration, we propose to use the UDP transport protocol and the port number 1194. This port is the one assigned to the OpenVPN protocol by IANA in the official world registry.
The TCP transport protocol ensures a lot of checks on the transmitted data, which slightly penalizes its performance. The data transfer rate will not always be optimal.
This is why UDP is recommended for a configuration that favors performance.
These settings, along with many others, are written in the configuration file provided by MyCrypNet. This is a file whose extension is “.ovpn” or “.conf” depending on the platform you are using. Its contents are plain text, so you can open this file using any text editor (Notepad, TextEdit, gEdit, etc.).
Here is an example of a configuration file:
We find in 1 the port number that will be used to connect to our infrastructure.
The transport protocol (TCP / UDP) is in 2.
Line 3 is present only for the “two factors authentication” configuration.
In 4 and 5 are strings of characters that must be totally preserved, without any modification.
Most configuration options should not be changed unless you are sure of what you’re doing.
For more information about the options in this file, see the OpenVPN documentation available online.
Your custom configuration
This allows you to change the connection settings to your MyCrypNet network. For example, to go from the configuration proposed by default to the optimized one for the performances proposed in our article “MyCrypNet: use alternative configurations“, you must do these modifications:
- « proto tcp » become « proto udp » ;
- On each « remote » line, the port number changes from « 443 » to « 1194 ».
In addition to the transport protocol (TCP or UDP), you can also choose to use a different connection port to reach our servers.
This choice does not affect the security of your data at all, and does not directly affect the performance of the connection. However, the network you use to access the Internet may prioritize some ports over the others. That’s why we offer you these choices.
Currently, MyCrypNet supports connections on the following ports, with both TCP and UDP transport protocols:
- 22 (traditionally used by the SSH protocol in TCP) ;
- 53 (traditionally used by the DNS protocol in UDP) ;
- 80 (traditionally used by the HTTP protocol in TCP) ;
- 443 (traditionally used by the HTTPS protocol in TCP) ;
- 1194 (default port for the OpenVPN protocol).
If you need to use another port, do not hesitate to contact us.
For example, using port number 80 with TCP, it is possible to suggest to a listener on the network that it’s about an exchange of HTTP data, when in reality it’s your MyCrypNet private network.
Some sophisticated network filtering, as in China, can distinguish between protocols. This technique cannot be used to circumvent this type of filtering. If you are in such a situation, contact us to find a solution together.
MyCrypNet allows you to customize the access configuration to your secure private network. The two most important parameters are the transport protocol (TCP / UDP) and the port number.
Create your secure network