Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Multiple OpenVPN client connections to multiple VLANs

    Scheduled Pinned Locked Moved General pfSense Questions
    3 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kameleon
      last edited by

      I'm looking for a way to have multiple OpenVPN client connections map to their own VLAN. Basically I need this:

      OpenVPN1 - - -  VLAN1000
      OpenVPN2 - - -  VLAN1001
      OpenVPN3 - - -  VLAN1002
      ….....
      OpenVPN10 - - -  VLAN1009

      Or something like that. I will need if the VPN is down that no traffic leaves that network. Is this something that pfsense can do? If so what would be the best way to accomplish this?

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Yes pfSense can do that.  Follow one of the many examples regarding routing specific traffic out an OpenVPN client connection and blocking egress at WAN if the VPN is down.

        Repeat 10 times.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • F
          firewalluser
          last edited by

          Also worth issuing a cert to each user, this way you can tell when they have been hacked if someone else attempts to connect, and also having short cert lives which you keep issuing, timescales before expiring depend on what you need for extra piece of mind.

          Capitalism, currently The World's best Entertainment Control System and YOU cant buy it! But you can buy this, or some of this or some of these

          Asch Conformity, mainly the blind leading the blind.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.