Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Multiple VPN Servers

    OpenVPN
    2
    5
    1742
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      Heli0s last edited by

      Is it possible to have multiple VPN servers running on different ports on pfSense?

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis last edited by

        Yes, no problem. I have a few OpenVPN site-to-site servers and road warrior server/s all on 1 pfSense.
        Just choose a different unused port for each one. Of course the various clients have to connect to the correct server port to get to their matching server.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • H
          Heli0s last edited by

          Thanks for the reply. I also assume that each of the servers needs to have a different IP subnet, is that correct? Also, would the different clients from the different server be able to talk to each other (I want to make sure that they can't)?

          1 Reply Last reply Reply Quote 0
          • P
            phil.davis last edited by

            Each server needs its own subnet - design a private IP addressing scheme that has a different subnet for each OpenVPN server.
            Firewall rules will block or allow whatever you want, also when the client connects it gets pushed routes (telling it what subnets are available at the server end of the link), so if you only push routes to your LAN/s (and not to the other OpenVPN subnets) then the clients will not even see them.

            As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
            If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

            1 Reply Last reply Reply Quote 0
            • H
              Heli0s last edited by

              So I followed your advice and some online tutorials and everything works great!

              From a security standpoint, would there be a reason to add an interface to the OpenVPN servers and enable Snort on them? Or would that be an overkill?

              1 Reply Last reply Reply Quote 0
              • First post
                Last post