2

I am on Windows 10 21H1, and I use OpenVPN to connect to office.

Sometimes I ran into this error: MANAGEMENT: Socket bind failed on local address [AF_INET]127.0.0.1:25340

When it happens, I can find a line indicating that the port is in the exclusion range, like blow.

PS C:\> netsh interface ipv4 show excludedportrange protocol=tcp

Protocol tcp Port Exclusion Ranges

Start Port    End Port
----------    --------
     25305       25404

There are many ranges, I have omitted them.

I know this error is related to Hyper-V (https://superuser.com/a/1586869/614603), but I need WSL2, which is based on Hyper-V. Besides, I don't want to change dynamic TCP port range since I run many things :P

I am wondering if I can change the local port or port range used by OpenVPN.

Improve this question
3
  • Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking.
    – Community Bot
    Commented Nov 5, 2021 at 15:30
  • Why do you believe this has anything to do with WSL2? I am guessing your using OpenVPN within WSL2 and attempting to connect to your VPN within Windows?
    – Ramhound
    Commented Nov 5, 2021 at 15:42
  • @Ramhound, I am not running OpenVPN within WSL2. I am under Windows, connecting to my company's OpenVPN server from my home. I have updated my question to include more details.
    – CSakura
    Commented Nov 6, 2021 at 16:34

1 Answer 1

Reset to default
5

I was experiencing the same issue and your question actually reminded me about the issue with WSL2 causing reserved ports. Thanks for that!

As for changing the port on OpenVPN, this is straightforward on the Windows client.

  1. Right-click the OpenVPN GUI icon in the system tray.
  2. Click Settings.
  3. Click the Advanced tab.
  4. Change the "Port offset" setting to something that isn't in the reserved range.
  5. Click OK.

OpenVPN GUI Advanced tab

I was able to connect successfully after making this change.

Last time I encountered this issue, I disabled the excluded ports and there is some material out there that tells you how to make that change, for example:

  1. On my Windows host in PowerShell, I ran netsh int ipv4 set dynamic tcp start=51001 num=5000 to reset the dynamic port range to an area which I knew none of my apps used.
  2. I also ran reg add HKLM\SYSTEM\CurrentControlSet\Services\hns\State /v EnableExcludedPortRange /d 0 /f to disable the HNS port exclusion behavior as netsh int ipv4 show excludedportrange protocol=tcp showed a lot of excluded ports that were not attributed to anything else.
  3. Reboot

Source: https://hungyi.net/posts/wsl2-reserved-ports/

For me, the OpenVPN change was simpler to implement and I was up and running in minutes. Hope this helps!

Improve this answer
2
  • 1
    Interesting. What is your OpenVPN version? Mine is 2.4.11, and I don't have the option.
    – CSakura
    Commented Jan 27, 2022 at 18:12
  • 1
    I'm showing OpenVPN GUI v11.26.0.0 and the underlying OpenVPN is showing v2.5.5. I just download and installed the latest client a few days ago as a first attempt at fixing this issue so it is pretty much up-to-date.
    – aTotalStranger
    Commented Jan 28, 2022 at 19:52

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .