Opening a port via commercial VPN

hi is possible to open port with this vpn because a long time ago i played with expressvpn but my nat is moderated thanks i don't like now nolagvpn for my console because he his satured

i use openvpn and pbr policy routing the package of stangri

In order to open a port on a commercial VPN solution, you must have a dedicated public IP address from the VPN provider for your exclusive use (or a VPS with a public IP). Therefore, you must ask them if they have such a service offering.


Although ExpressVPN port forwarding is not allowed on its applications, you can activate it easily on its router. It further also lets you configure the internal and external port numbers manually. However, you must get an ExpressVPN-compatible router or the v1/v2 router firmware.

is possible about this word ?

I cannot speak to any specific VPN provider as I don't know their policies and capabilities.

You should not need "their" router, unless there is some special account-level control panel they provide only on their specific devices (typically these types of things would be accessable via a web interface for your general account settings). Port forwarding on the OpenWrt side is pretty straightforward. But on the VPN provider side, your account must be configured to have a public IP (either entirely reserved for your exclusive use, or maybe some specific ports that are reserved for you).

I don't know what this means. If you're using some "ExpressVPN" specific firmware, you should ask on their support channels.


i has think like this

config redirect
	option dest 'vpn'
	option target 'DNAT'
	option name 'DMZ VPN'
	option src 'wan'
	option src_dport '1-65535'
	option dest_port '1-65535'
	option dest_ip 'ip of tun0' than i see on pbr 

That is not really port forwarding... that would be a "DMZ" but this is probably not what you want.

Port forwarding is simply the idea that if you have a service (let's say a web server on port 80/443) on your network that you want to be accessable from the internet and you have only a single IPv4 address for your router/network, you would forward those ports from the wan (or VPN) to the specific host on your network that has the service running. This requires that you have a public IP address that can be used for this purpose.

1 Like

Ok i sée thanks for explanation :+1:

Here are a few VPNs that offer public IPs and where I personally confirmed that port forwarding works on at least one user's OpenWrt installation:

  • SwissVPN if you are OK with PPTP (but you have to sign a contract on paper and pay extra for bumping the speed limit to 30 Mbps)
  • Hoppy
  • OVPN

The last two providers offer a static IP via WireGuard.

As a very last resort (tested personally and not recommended), you can also try PureVPN or its white-label clone Ivacy. One problem with them is in the way how they handle reconnections after the link breaks: you will get not your official static IP, but some other IP, because your official static IP is still used by the ghost of the connection that broke. Also, on static-ip accounts, they offer a choice of IKEv2 which is hard to configure (but this is what I use, because nobody else has servers in Asia), and PPTP which is going to be phased out.

I also have been approached by PureVPN sales who offered me an OpenVPN static-ip connection optimized for Linux. I have not tried that offer yet. I guess I should.

1 Like

Yes thanks for all ! I will check that :+1:

i testing at the moment purevpn with portforwading

but my vpn don't reconnected in pbr

--> vpn/tun0/

the vpn seems worked

You are using PureVPN with the OpenVPN protocol. This is not what I have tested. Please buy a dedicated-IP add-on from them, they will assign a separate server for you, with support for PPTP, L2TP, and IKEv2 protocols. That is, no OpenVPN.

Alternatively, try their WireGuard support, but this cannot be automated, as the wg config file is generated anew for each connection and is valid only for two minutes.

1 Like

ok i will reinstall wireguard and test thanks

Just in case - with WireGuard, I would actually recommend OVPN (with the public IPv4 add-on) over anything else.

Sorry for the previous recommendation to buy the equivalent add-on from PureVPN.

i has found that

but not work

i 'm not in 21.02 but 22.03

Ignore the official PureVPN guide, because it mentions OpenVPN, which is not compatible with port forwarding on PureVPN and on the majority of other VPN providers. Ignore OpenVPN also for the reason that it will be too slow. Just set up a PPTP connection (but you need a dedicated IP add-on, because this protocol has been eliminated on general-purpose PureVPN servers).

For the next 30 minutes I am available for a video chat at <link edited out>

1 Like

While it is being discussed, PPTP should be avoided at all costs because it has zero security value at this point. It is considered unsuitable for use on the internet as we know it now (FWIW, it has been deprecated and removed from iOS and Mac OS, and maybe other OS's for this reason).

I understand that some VPN providers (and/or features within their offerings) may still use/require this protocol, but be aware that it offers no security whatsoever.


Well, for the use case where the VPN is used only as a provider of a public IP, the security of the VPN connection does not matter.

PureVPN does offer a fast and secure IKEv2 protocol, but it is way too cumbersome to set up with OpenWrt, so I cannot recommend it.

1 Like

desolé je ne parle que l'anglais ecrit que je comprends plus ou moins quand je mettez expressvpn en vpn sur pbr cela marche avec openvpn mais avc purevpn il reste en

Sorry I only speak written english which I understand more or less when I put expressvpn in vpn on pbr it works with openvpn but avc purevpn

Well, the video chat attempt failed due to the microphone issue. @Dopam-IT_1987 Sorry for wasting your time.

no problem thank you for wanting to help me

purevpn doesn't connect correclty to my router it's very weird