Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to setup OpenVpn access for groups of users

    OpenVPN
    2
    3
    2.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kayko
      last edited by

      I would like to setup access to our network based on group user belong to.
      For example
      User1, and user2 have access to network 192.168.1.0/255, user3 and user4 only to a specific host (e.g 192.168.1.100/32)
      Is it possible?

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        You can either install seperate OpenVPN servers with a unique tunnel subnets and ports for listening to for each user group. Each with its own CA for users and server cert.  So you can differ your vpn clients by the tunnel subnets.

        Or you use client specific overrides to assign a particular IP of the common tunnel to each user and control access by these client IP addresses.
        https://doc.pfsense.org/index.php/OpenVPN_multi_purpose_single_server#OpenVPN_Client_specific_overrides

        Both only works with SSL/TLS server.

        1 Reply Last reply Reply Quote 0
        • K
          kayko
          last edited by

          Thank you.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.