Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN Clients are duplicated

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 2 Posters 838 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      zeno78200
      last edited by

      Hi All,

      I know that the title of the topic can be confusing but I didn't find something better.

      I am running 4 VPN clients on PfSense toward the same VPN provider but using different VPN servers. All of the Clients are configured on PfSense also with an interface so that I can create 4 gateways to use in Security rules.
      3 of the clients are configured to be in 3 different Gateway Groups in which I have linked 2 OpenVpn instances/clients. In each group the Tier 1 server rotates day by day. To better explain… let's say I have 3 Clients using as VPN server A, B and C. I then have 3 Gateway Groups where A is the primary gateway in group 1 whlile C is the secondary, B is the primary gateway in group 2 while A is the secondary and same for the 3rd group. Gateway groups in use are rotating daily with time Scheduled Firewall Rules.

      My VPN provider only allows 5 clients to be connected at the same time and from time to time I got message from them saying that a 6th client is connecting, causing the disconnection of 1 of my Clients on PfSense.
      After some investigation I am 110% sure that the only configured clients are the 4 in PfSense, but there should be something that most probably starts more than 1 VPN Client instance.

      Question: is there a way from the command line to check how many clients are running at a certain time? I am asking because from the Web GUI I only and always see only 4 clients but there is definitely something duplicating a couple of them and causing the Provider to observe the 6th client connecting.

      Thanks!

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        If your client gets disconnected and then reconnects quickly (< 60 sec), that would look like an additional connection from the provider's perspective since it would not have timed out yet.

        pfSense can't run more than one instance of a specific client at a time (even if you wanted to), so if you only have four configured in pfSense then it can only be running four.

        So either the provider is seeing a disconnected "ghost" session hanging around, or there is another client somewhere off pfSense connecting (local PC, perhaps? local lab setup?)

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.