The combination of your server address AND your ther port number your process is listening on must be different.
So, on a single NIC (one up-address) you can have dozens of vpn-processes, each listening on its own port. PS, it is recommended that each vpn process hands out unique pool of addresses or its clients. Duplicating those might lead to funny situations… From: "Jason Long via Openvpn-users" <openvpn-users@lists.sourceforge.net<mailto:openvpn-users@lists.sourceforge.net>> Date: Sunday, 23 July 2023 at 16:41:04 To: "openvpn-users@lists.sourceforge.net" <openvpn-users@lists.sourceforge.net<mailto:openvpn-users@lists.sourceforge.net>>, "Jochen Bern" <jochen.b...@binect.de<mailto:jochen.b...@binect.de>> Subject: Re: [Openvpn-users] Multiple OpenVPN server on one NIC Hi Jochen, Thank you so much for your reply. I have two more questions: 1- So, both of IP address and Port number must be different? 2- If the IP address is different, then the port can be the same? Please answer my questions by number. On Sunday, July 23, 2023 at 05:34:30 PM GMT+3:30, Jochen Bern <jochen.b...@binect.de> wrote: On 23.07.23 15:32, Jason Long via Openvpn-users wrote: > 1- If the port number is different, then "server" IP can be the same? > For > example, the first server use: > > port 1194 [...] > server 10.8.0.0 255.255.255.0 > > The second server use: > > port 1195 [...] > server 10.8.0.0 255.255.255.0 > > Or both of "port" and "server IP" must be different? Uuuhhh careful there. More below ... > 2- You said, "A "NIC" can have multiple IP addresses", so, a server > does not need to have multiple NAT NICs ? For example, A VPN provider > can have a VPN server with a NIC that use three or four public IP > addresses. The relevant IP addresses to decide whether you need to use different ports are those that the clients actually connect to to establish the VPN. (I.e., the ones in the "remote ..." statement of the clients' config.) In another list e-mail, you've shown your VPN server to use (at least two) *private* IPs to access Internet resources, so my guess is that you're going to have the clients connect to public IPs assigned to your Internet uplink, and that some separate device does NAT to redirect the traffic to your VPN server. In that case, in order to have different VPNs offered under the same port, you need two addresses *from those assigned to your Internet connection*; the VPN server can be left with just one internal IP (unless you get a *very* high number of VPN connections). However, the "server" statements in your server-side configs state what IPs the *clients* will be assigned to use for the traffic *inside* the VPN, once they have connected. You very probably want to put different IP ranges into every single config file, *regardless* of whether "port" matches between two configs or not. Kind regards, -- Jochen Bern Systemingenieur Binect GmbH _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten. This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages.
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
