Pfsense OpenVPN Radius connect clients to different subnets



  • i have set up pfsense and openvpn connecting to Radius authentication server in pfsense (not freeradius package).  all is working for this connection.  we have a need to separate our connecting users by groups to limit access.  we tried adding a 2nd vpn and gave it a different subnet for its ip as well as a different tunnel network but it connects to the 1st vpn.

    here is someone asking the same question but no answer
    https://forum.pfsense.org/index.php?topic=63583.msg343819#msg343819

    do i need a separate CA and certificates?  i tried and got the same result
    can i create different user groups in AD?

    Configuring client-specific rules and access policies
    Suppose we are setting up a company VPN, and we would like to establish separate access policies for 3 different classes of users:

    System administrators – full access to all machines on the network
    Employees -- access only to Samba/email server
    Contractors -- access to a special server only


Log in to reply