Is it possible to set up multiple OVPN servers at the same WAN interfaces?
-
I've a pfSense with a remote access tunnel configured, and working well. But I need to set up another tunnel with a different range. I followed the same procedure for the first tunnel, but it doesn't work. I keep getting the same error message: "TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)".
I've already checked the certificates and everything seems to be fine.
I found this document: https://docs.netgate.com/pfsense/en/latest/vpn/openvpn/multi-wan.html#multiple-server-method
If I understand correctly, I can't set up two different tunnels through the same interface WAN even if I set a different port for the VPN server, is that so? Is there any way to do this?
-
@gabriel_rocha
Yes, you can set up as many OpenVPN servers as you have free ports.
"Is there any way to do this?"
You can state the port at "Local port" in the endpoint config section.
-
@viragomann Actually, I used a different local port, I created a different CA and a different server certificate, I use a different pool... but it just does not work. I'm without ideas even for troubleshooting. The error message I mentioned tells me that something is wrong with the certificates, but I don't know what it can be....
-
@gabriel_rocha
A reason for the error you get could be that the client gets no response from the server, could be that he cannot reach it at all. After you have rechecked the server settings, the best place to start is to check the log. If there isn't any line about the attempt to connect, sniff the traffic on the WAN (Diagnostics > Packet Capture) to see if the client's requests arrive there.
Enter the port you've set for the server into the port filter, start the capture and try to connect from outside.
Do you see any packets from the client?
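
An added example, not part of the thread: one way to read the capture suggested above, by counting packets to and from the second server's port. It assumes the capture is saved as tcpdump-style one-line summaries; the WAN address, client address and ports 1194/1195 are constructed sample values.

```python
import re
from collections import Counter

# tcpdump-style summary line: "<time> IP src.port > dst.port: ..." (assumed format)
LINE_RE = re.compile(
    r"^\S+\s+IP\s+(\d+\.\d+\.\d+\.\d+)\.(\d+)\s+>\s+(\d+\.\d+\.\d+\.\d+)\.(\d+):"
)

def classify_capture(text, wan_ip, server_port):
    """Return (verdict, inbound, outbound) for traffic on wan_ip:server_port."""
    counts = Counter()
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not an IPv4 summary line
        src, sport, dst, dport = m.group(1), int(m.group(2)), m.group(3), int(m.group(4))
        if dst == wan_ip and dport == server_port:
            counts["inbound"] += 1      # client request reaching the WAN
        elif src == wan_ip and sport == server_port:
            counts["outbound"] += 1     # answer leaving the WAN
    if counts["inbound"] == 0:
        verdict = "no_client_packets"   # requests never arrive at the WAN
    elif counts["outbound"] == 0:
        verdict = "no_server_reply"     # requests arrive, nothing answers: recheck server settings and log
    else:
        verdict = "two_way"             # both directions seen on this port
    return verdict, counts["inbound"], counts["outbound"]

# Constructed sample: client retries toward port 1195 with no answer,
# plus one unrelated packet to another port (1194) that must not be counted.
SAMPLE_ONE_WAY = """\
12:00:01.100000 IP 198.51.100.7.51514 > 203.0.113.10.1195: UDP, length 54
12:00:03.200000 IP 198.51.100.7.51514 > 203.0.113.10.1195: UDP, length 54
12:00:04.000000 IP 198.51.100.9.40000 > 203.0.113.10.1194: UDP, length 54
12:00:07.400000 IP 198.51.100.7.51514 > 203.0.113.10.1195: UDP, length 54
"""
# Constructed sample: same capture with one reply from the server appended.
SAMPLE_TWO_WAY = SAMPLE_ONE_WAY + (
    "12:00:07.450000 IP 203.0.113.10.1195 > 198.51.100.7.51514: UDP, length 66\n"
)

if __name__ == "__main__":
    for name, cap in (("one-way", SAMPLE_ONE_WAY), ("two-way", SAMPLE_TWO_WAY)):
        print(name, classify_capture(cap, "203.0.113.10", 1195))
```
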