On the server there is no firewall enabled by default unless you did it. So, there shouldn't be one. You can check iptables chains with:
Code:
sudo iptables -L -v -n
If all chains INPUT, FORWARD and OUTPUT say ACCEPT then the firewall is not active. It lets all traffic pass.
Yes, open 914-917 on the router, and forward tcp/914, tcp/915, udp/916 and udp/917 to the server private IP. By using netstat on the server you see which service is listening where. If you have a router with a firewall in front of the server, you need that port open and forwarded in order for the specific service to work, otherwise it has no route to reach the server.
Their AS client should be set up by default to use the correct ports, if you didn't change any ports on the server side, but it's worth double checking. There might be an option in the client GUI that displays the port. For example, if you do change the AS server port, you need to have a way to change the port in the client GUI too, right? So there might be something in the options/preferences in the client GUI.
For OpenVPN client usually it uses a configuration text file and the port is there, easy to check or change. For this AS client you will have to look around its GUI or consult the documentation.
Bookmarks