Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Multiple VPN Servers

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 2 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      Heli0s
      last edited by

      Is it possible to have multiple VPN servers running on different ports on pfSense?

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        Yes, no problem. I have a few OpenVPN site-to-site servers and road warrior server/s all on 1 pfSense.
        Just choose a different unused port for each one. Of course the various clients have to connect to the correct server port to get to their matching server.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • H
          Heli0s
          last edited by

          Thanks for the reply. I also assume that each of the servers needs to have a different IP subnet, is that correct? Also, would the different clients from the different server be able to talk to each other (I want to make sure that they can't)?

          1 Reply Last reply Reply Quote 0
          • P
            phil.davis
            last edited by

            Each server needs its own subnet - design a private IP addressing scheme that has a different subnet for each OpenVPN server.
            Firewall rules will block or allow whatever you want, also when the client connects it gets pushed routes (telling it what subnets are available at the server end of the link), so if you only push routes to your LAN/s (and not to the other OpenVPN subnets) then the clients will not even see them.

            As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
            If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

            1 Reply Last reply Reply Quote 0
            • H
              Heli0s
              last edited by

              So I followed your advice and some online tutorials and everything works great!

              From a security standpoint, would there be a reason to add an interface to the OpenVPN servers and enable Snort on them? Or would that be an overkill?

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.