Different instances using different internal interfaces

hidepp · May 25, 2022, 3:31 PM

Hi all,

I have two openVPN instances on my pfSense server. I also have two network interfaces (let's call them LAN1 and LAN2), each one connected to a different LAN.

I need each openVPN instance to route the traffic on each LAN interface. Right now, no matter which openVPN instance I connect, all the traffic is going to the LAN1.

How can I set which internal interface will be used on each openVPN instance?

Jarhead · May 25, 2022, 3:34 PM

@hidepp Assign the OpenVPN virtual interfaces in 'Interfaces/Assignments" then set rules to allow to both LAN's.

hidepp · May 25, 2022, 3:59 PM

@jarhead Hi!
Can you provide more details about how those rules should be?

This is what I want:

OpenVPN Server 1, on port 1194, should pass all its traffic on LAN interface.
OpenVPN Server 2, on port 1195, should pass all its traffic on OPT1 interface.

I thought about creating a rule to pass all traffic to the internal IP address range and choose LAN_GW or OPT1_GW as gateway. Is that right?

divsys · May 27, 2022, 2:39 PM

@hidepp
You set that when you create the OpenVPN server on pfSense.
For each instance, set "IPv4 Local network(s)" to the LAN1 or LAN2 subnet you want.

Jarhead · May 27, 2022, 3:28 PM

@hidepp Not really. I have no idea what you want to allow or deny, only you do.
But to start, set both OpenVPN interfaces to allow all, then trim them down as needed.
Always the easiest way to start.