OpenVPN multiple logins on one user profile?

Started by Ghostwheel, September 02, 2024, 10:07:51 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 02, 2024, 10:07:51 PM
I recently configured my OpnSense router to be an OpenVPN server for when I am on untrusted public wifi networks, using the excellent guide found here:  https://docs.opnsense.org/manual/how-tos/sslvpn_client.html

I had previously been using a VM inside my network, that I had hand built using OpenVPN on an Ubuntu install.

One key difference I had found is that with my previous system, I was able to use a single exported user config on multiple devices, such as my laptop and my phone, at the same time.  The hand-rolled system would assign each connection a different IP address on the OpenVPN network.

With my new OpnSense system, each connection using the same profile is assigned the same IP address, so I can not use the same profile on my phone and my laptop.

Is there a setting I can change so that each connection is assigned a different IP address, even if the connections are using the same user profile?
September 03, 2024, 07:57:29 AM #1
Quote from: Ghostwheel on September 02, 2024, 10:07:51 PM
Is there a setting I can change so that each connection is assigned a different IP address, even if the connections are using the same user profile?

There is, you need a line like this in the advanced configuration of your OpenVPN server:

duplicate-cn

and make sure you allow more than 1 concurrent client, of course.

This option is only available if you set up a legacy OpenVPN server in OPNsense, which is due to be removed in future. At that point you either need to go back to your Ubuntu or use a different VPN protocol.

Bart...
September 03, 2024, 08:50:30 AM #2
@bartjsmit, not entirely correct. There it is in the new Instances form - way down under "Miscellaneous".

Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
September 03, 2024, 10:35:32 AM #3
Thanks Patrick, you are (as per usual) entirely correct  :)
September 04, 2024, 07:08:28 AM #4
Quote from: bartjsmit on September 03, 2024, 10:35:32 AM
Thanks Patrick, you are (as per usual) entirely correct  :)

Thank you bartjsmit and Patrick, that worked perfectly!

I was concerned there was an additional setting, from where you said "and make sure you allow more than 1 concurrent client, of course." but testing shows I must already have that correct.
Print
Go Up Pages1
User actions