Quick Shared Key site-to-site question

  • Can a single OpenVPN shared key server instance be used for multiple remote sites? or does each remote site need its own server/port?

    thanks for any help.

  • Rebel Alliance Developer Netgate

    Shared key requires a 1:1 relationship between clients and servers - so you need a separate server for each client.

    You can do a site-to-site setup with SSL/TLS and handle multiple clients with one server, it's covered on the doc wiki.

  • Thanks. That's what I figured. I was able to get all my sites VPN up using Shared Key. I just upgraded to 2.0.1 from 1.2.3 at my main site in dramatic fashion (I made some really dumb routes trying to captive portal on OPT1, made webGUI inaccessible, panicked, reinstalled pfsense 2.0.1 and rebuilt). I had SSL/TLS set up previously with 1.2.3 and it worked great. I've got to relearn and translate to the new version.

    thanks again.

Log in to reply