I recently configured my OPNsense router to be an OpenVPN server for when I am on untrusted public wifi networks, using the excellent guide found here: https://docs.opnsense.org/manual/how-tos/sslvpn_client.html
I had previously been using a VM inside my network that I had hand-built using OpenVPN on an Ubuntu install.
One key difference I had found is that with my previous system, I was able to use a single exported user config on multiple devices, such as my laptop and my phone, at the same time. The hand-rolled system would assign each connection a different IP address on the OpenVPN network.
With my new OPNsense system, each connection using the same profile is assigned the same IP address, so I cannot use the same profile on my phone and my laptop.
Is there a setting I can change so that each connection is assigned a different IP address, even if the connections are using the same user profile?
Quote from: Ghostwheel on September 02, 2024, 10:07:51 PM
Is there a setting I can change so that each connection is assigned a different IP address, even if the connections are using the same user profile?
There is, you need a line like this in the advanced configuration of your OpenVPN server:
duplicate-cn
and make sure you allow more than 1 concurrent client, of course.
This option is only available if you set up a legacy OpenVPN server in OPNsense, which is due to be removed in future. At that point you either need to go back to your Ubuntu or use a different VPN protocol.
Bart...
@bartjsmit, not entirely correct. There it is in the new Instances form - way down under "Miscellaneous".
(https://forum.opnsense.org/index.php?action=dlattach;topic=42620.0;attach=37590;image)
Thanks Patrick, you are (as per usual) entirely correct :)
Quote from: bartjsmit on September 03, 2024, 10:35:32 AM
Thanks Patrick, you are (as per usual) entirely correct :)
Thank you bartjsmit and Patrick, that worked perfectly!
I was concerned there was an additional setting, from where you said "and make sure you allow more than 1 concurrent client, of course.", but testing shows I must already have that correct.