Feature - Use other VPN Protocol and/or TCP port 443

[randomodbuild]

Terms

• This request is not a duplicate of an existing feature
• I have provided as much information as I can about the new feature.

Summary

Sorry in advance if this feature is out of scope for this project.
In some areas, VPN connections are not allowed (e.g. China), and in certain networks, the only protocol/port that a VPN can connect through is tcp/443. I was wondering if there is any way to adapt this project to work with a vpn using that port/protocol.

Motivation

Why are we doing this?

To be able to self host things through CGNAT as well as restrictive firewalls.

Openconnect (an open source SSL vpn based on Cisco's AnyConnect) could be used, as it works out of the box with TCP port 443 and is known to work well through restrictive firewalls.

What use cases does it support?

Hosting through restrictive firewalls, such as China, where VPNs are blocked.

What is the expected outcome?

Same as before, but using Openconnect as the VPN protocol instead of Wireguard, and TCP port 443.

Potential conflicts / foreseeable issues

From what I can tell, TCP 443 wouldn't be available to the client of the VPN, and nothing could be hosted over it. There might be some way to run a proxy on the VPS hosting the VPN, then forward all traffic that doesn't match a vpn.name.com domain using SNI, but I'm not sure if that is possible. Web hosting might be out of the question, but every other port should work (minus SSH for access, etc.)

Additional Context

No response

[mochman]

That sounds like a good enhancement. I'm in the middle of a house move, so I don't have my server to test this all out yet. I'll get to it when my stuff gets in.