OpenVPN for different users

  • Hi, I need to setup a pfSense/OpenVPN combo whose goal is to have groups/categories of people able to connect from outside.
    Each group/category must have a specific access policy, and I don't want to manage single users.
    My idea consists in creating N server certificates, one for each group, spawn a OpenVPN instance for any of them and set each OpenVPN instance to release a specific pool of addresses.
    Now, without the ability to filter OpenVPN incoming traffic, I realized I had to NAT to the inside IP interface only for permitted communications: without a NAT servers on the Inside interfaces havo no routes to the VPN Clients.
    Is there a more intelligent way to achieve the same result?

  • You can try to create N server in the OpenVPN page setup, with different port and different certificate…

Log in to reply