Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVpn multiple public IP

    Scheduled Pinned Locked Moved OpenVPN
    7 Posts 3 Posters 5.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      Vtamlist
      last edited by

      Hi,
      I'm using OpenVpn on a Pfsense 1.2.2. with 3 different server for 3 different subnets and 3 different ports (1193,2193 and 7000). It's working fine and I haven't problem.

      Due to security reasons I must transport this 3 different server only on a single port: 25.

      I can use 3 different public IP's…

      Can you help me for this configuration ???

      I'm trying to define 3 different VPN server on the same port: 25 but I don't know how link a different public IP with an VPN server...

      Thank's

      Claudio

      1 Reply Last reply Reply Quote 0
      • B
        BrianBonnell
        last edited by

        Can't be done, each VPN needs it's own port! I tried, I had to go with 1195,96,97…etc.

        1 Reply Last reply Reply Quote 0
        • GruensFroeschliG
          GruensFroeschli
          last edited by

          @BrianBonnell:

          Can't be done, each VPN needs it's own port! I tried, I had to go with 1195,96,97…etc.

          Um… ever heard of PKI and the iroute-command?
          Or did you read the OPs note that he has 3 public IPs?

          @Vtamlist:
          Are you using this VPN for site-to-site connections?
          If you want multiple site-to-site connections with a single server, there is a sticky in this subforum providing a good hotwo:
          http://forum.pfsense.org/index.php/topic,12888.0.html

          Or do you need 3 different servers for multiple roadwarriors?
          Since you say you have 3 public IPs at your disposal, you can just start 3 instances of OpenVPN and add in the "custom options" field the option: "local host".
          Like this you can specify to which IP the server binds.

          We do what we must, because we can.

          Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

          1 Reply Last reply Reply Quote 0
          • B
            BrianBonnell
            last edited by

            YES, GruensFroeschli, I have heard of PKI and Iroute. NEITHER WORKED! I am using PKI, and I still had to put each tunnel on it's own port. Other wise I got port in use already errors. OpenVPN Port Sharing is only available on OpenVPN Server/Client 2.x code (check the OpenVPN.org Site!!!!) Pfsense uses 1.x version of OpenVPN code. Until Version 2 of Pfsense is released which might use the newer OpenVPN code, it is not supported yet.

            GruensFroeschli - Next time do a bit of research before making a smart aleck remark!

            1 Reply Last reply Reply Quote 0
            • GruensFroeschliG
              GruensFroeschli
              last edited by

              Ah yes if you say it doesn't work it must be so….

              In this case we just ignore everyone using the above mentioned howto and discard the already working PKI site-to-site setups as hocuspocus to mislead the proletariat.

              Where the heck do you get the idea that pfSense uses 1.x OpenVPN code?
              Did you ever use pfSense to set up an OpenVPN connection?
              Apparently not.
              Or did you never look at the systemlog output?
              You would have noticed the small line:

              openvpn[14760]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008

              Next time you check your own facts before you post wrong information!

              We do what we must, because we can.

              Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

              1 Reply Last reply Reply Quote 0
              • B
                BrianBonnell
                last edited by

                Well mine does not say "openvpn[14760]: OpenVPN 2.0.6 i386-portbld-freebsd7.0 [SSL] [LZO] built on Nov 9 2008"
                it says "openvpn[10700]: OpenVPN 1.3.6 i386-portbld-freebsd6.0 [SSL] [LZO] built on Nov 9 2006", and I am on PF 1.2.3-Release.

                1 Reply Last reply Reply Quote 0
                • GruensFroeschliG
                  GruensFroeschli
                  last edited by

                  1.2.3 is based on FreeBSD 7.2
                  Your OpenVPN is a port to FreeBSD 6.0.

                  Either you're not really on 1.2.3 or something went terribly wrong when you updated.

                  We do what we must, because we can.

                  Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.