OpenVPN single port



  • For each VPN I create, I have to put a different port on the server.

    If I swap the clients and servers, with server and client using only port 1194, will I have a problem?





  • The scenario you describe in your first image tells me that you are using multiple shared key connections.
    You might want to take a look at a PKI setup where you have a single server for multiple clients.

    https://doc.pfsense.org/index.php/OpenVPN_Site-to-Site_PKI_(SSL)



  • If you are using Peer to Peer (Shared Key) for the site-to-site links, then (I believe) you can only have 1 client connected to 1 server. If the servers are all at "main office" then each server must listen on a different port. If you turn the links around, like your 2nd diagram, so the servers are at the branch offices and there are many clients at main office connecting out, then they can all use the same port.
    You can also use Peer to Peer (SSL/TLS) with certificates and Client Specific Overrides to have a single server at main office, all the branch office clients connecting to it, and the client-specific-overrides tell OpenVPN which clients are routes to which remote branch office LANs.
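
The single-server PKI layout described in the reply above, written as raw OpenVPN configuration. This is an added example, not part of the original posts and not what pfSense generates: the subnets, certificate common names (`branch1`, `branch2`) and file paths are constructed placeholders. In pfSense the per-client part is entered under Client Specific Overrides.

```conf
# ---- main office: server.conf (one listener, one port, many clients) ----
port 1194
proto udp
dev tun
topology subnet
server 10.8.0.0 255.255.255.0          # tunnel network (constructed)

# PKI: every branch authenticates with its own certificate,
# so one branch can be revoked without re-keying the others.
ca   /etc/openvpn/pki/ca.crt           # placeholder paths
cert /etc/openvpn/pki/server.crt
key  /etc/openvpn/pki/server.key
dh   /etc/openvpn/pki/dh.pem

# Per-client settings are looked up by certificate Common Name.
client-config-dir /etc/openvpn/ccd
# Refuse any client that has no file in the ccd directory.
ccd-exclusive

# Kernel routes on the server: send branch LAN traffic into the tunnel.
route 192.168.10.0 255.255.255.0       # branch1 LAN (constructed)
route 192.168.20.0 255.255.255.0       # branch2 LAN (constructed)

# Tell every branch how to reach the main office LAN.
push "route 192.168.1.0 255.255.255.0"

# ---- main office: /etc/openvpn/ccd/branch1 ----
# File name must equal the Common Name in branch1's certificate.
# iroute tells OpenVPN which connected client owns this LAN.
iroute 192.168.10.0 255.255.255.0

# ---- main office: /etc/openvpn/ccd/branch2 ----
iroute 192.168.20.0 255.255.255.0
```

Each branch LAN needs both lines: `route` in the server file hands the packet to OpenVPN, and the matching `iroute` in that client's override picks the tunnel it leaves on.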



  • Sorry for not replying.
    I read the posts so they were sent, but I could not test.
    I'll reply as soon as possible.

    Would what I had posted work? Changing every server?



  • Would what I had posted work? Changing every server?

    Yes, you can put the servers at the branch offices, like your 2nd diagram, and have 4 clients connecting out from the main office.
    But myself, I make my OpenVPN servers listen on a different port to the default (1194) anyway, and it is no problem having 4 of them listening on 4 different port numbers.

