Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Dual-WAN access configuration

    Scheduled Pinned Locked Moved OpenVPN
    3 Posts 3 Posters 326 Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C Offline
      chitchat
      last edited by

      OVPN newbie here. I'm trying to configure my dual-WAN Netgate 3100 for access from outside on both WANs.

      Using the wizard, I've successfully configured one service connection on WAN. But I can't get the second service to work on OPT1.

      The docs say:

      "Local port
      The port number upon which OpenVPN will listen for incoming connections from peers. Firewall rules must allow traffic to this port and this port must be specified in the client configuration.

      The port for each server must be unique for each interface when using a standard UDP or TCP Protocol choice and must be globally unique if using a multihome Protocol."

      My working OVPN server on WAN is using port 1194. Since the docs say "the port for each server must be unique" I've set the OPT1 server to use port 1195.

      Per the docs I'm trying to set a firewall rule to allow traffic on port 1195. However, the firewall rule dropdown menu doesn't present a choice for port 1195 - only 1194.

      Is there some place where I am supposed to configure port 1195 to be available in the dropdown? Or is there something I misunderstand in the configuration?

      Thanks in advance!

      Screenshot 2025-09-23 at 11.55.33 AM.png Screenshot 2025-09-23 at 11.54.37 AM.png Screenshot 2025-09-23 at 11.53.50 AM.png .

      M 1 Reply Last reply Reply Quote 0
      • M Offline
        mcury Rebel Alliance @chitchat
        last edited by

        @chitchat
        My two cents:

        Configure openvpn to tisten on localhost.
        Create a portforward in both WANs, from the Internet (any), to 127.0.0.1 port 1194 UDP.
        Use DDNS or configure two remote entries in the .ovpn, with a timeout of 2 seconds.

        dead on arrival, nowhere to be found.

        1 Reply Last reply Reply Quote 0
        • chpalmerC Offline
          chpalmer
          last edited by chpalmer

          Other. 1195.. however if this is for failover when you should use 1194 on that interface as well..

          The solution provided above seems interesting..

          If you are truly looking for multiple VPN instances then yes you do need to use a different port.

          Triggering snowflakes one by one..
          Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.