Two OpenVPN (TAP) servers?
-
Hi,
VERSION: pfSense 2.45-p1 (but can upgrade, if necessary)
We have an OpenVPN TAP server running on UDP 1194 using out-of-date encryption and digest settings. We want to transition users to a new TAP server with updated settings to increase security, but need a period of about a week during which we will contact them and install new configuration files for each remote system.
When trying to create a second TAP OpenVPN server configuration on the pfSense box, we don't get the Bridge options that we expect, or they are greyed out. I just want to know if what we're trying to accomplish is possible before spending a lot of time on it. I know we can't run another OpenVPN server on the same port, but we don't have an issue with the new server running on UDP 1195 (for example). But if there's no way to have two TAP servers running on the same pfSense box and both bridging to the LAN interface, then we'll have to change our migration approach.
Many thanks in advance,
JS
-
In case anyone has the same problem, this is what I ended up getting back from Netgate support:
"Unfortunately it's not supported to have multiple OpenVPN TAP servers bridging to the same interface"