Multiple connectors on same server

Next-generation cloud-hosted OpenVPN business solution.
Post Reply
liormmm
OpenVpn Newbie
Posts: 1
Joined: Mon Nov 15, 2021 11:36 am

Multiple connectors on same server

Post by liormmm » Mon Nov 15, 2021 11:39 am

Hi guys,

I've recently created an OpenVPN Cloud account in order to test it before deciding to migrate our currently (very) outdated OVPN on-premise. We have three different profiles with different network restrictions running on our current set up and I would like to have something like that with the Cloud solution and the connector.
I have already set up one connector on a Debian 10 accessing just fine some of our networks and I would like to set up another one on the same server, but with different networks configured. Is there a way to have two (or more) connector configs running on the same server? I couldn't find it in the Connector installation documentation.

Thanks in advance!
Best regards
Lior.

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1332
Joined: Tue Feb 16, 2021 10:41 am

Re: Multiple connectors on same server

Post by openvpn_inc » Tue Nov 16, 2021 4:25 pm

Hello Lior,

In theory running multiple OpenVPN Cloud connector connections is most likely okay. I say most likely, because the problem is you have to avoid IP and routing conflicts at all costs now. OpenVPN Cloud uses an internal VPN subnet, and if you connect one system to different OpenVPN Cloud setups, then these internal VPN subnets are going to collide if they are the same - but the good news is you can change those subnets, per OpenVPN Cloud tenant. But it's a particular range per OpenVPN Cloud tenant. Trying to connect three times at the same time to the same OpenVPN Cloud tenant is going to be a problem.

Then you have to deal with routing conflicts. The subnets that this one system should have access via the various OpenVPN connections should also not collide. Otherwise the system will not know where to send this traffic.

Yes, it can be done. But you have to pay a lot of very careful attention to the VPN IP address ranges and the subnets that this connector has access to. Also, if this connector is giving access to your private subnet that the connector is on, then you have a problem. It can only travel through one VPN tunnel, not all 3 of them.

However, should you? My advise would be - don't. Just set up separate virtual machines. You're asking for IP and routing conflicts and support on this will most likely be lacking from our side - better to separate it.

Kind regards,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

Stephanie_Sy
OpenVPN User
Posts: 20
Joined: Mon May 31, 2021 4:51 pm

Re: Multiple connectors on same server

Post by Stephanie_Sy » Fri Nov 19, 2021 7:03 am

I can have a different batch file to execute on my local windows computer to establish the connection, though it would be ideal if I can have both servers connected at the same time to use in my reporting.

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1332
Joined: Tue Feb 16, 2021 10:41 am

Re: Multiple connectors on same server

Post by openvpn_inc » Tue Nov 30, 2021 4:55 pm

Hello Stephanie_Sy,

Yes perhaps it would be ideal but to ensure you don't get routing or subnets conflicts you have to take care not to cause those. I'm not against doing multiple connections, and it is certainly possible, but I'm just warning that you that there are limitations in networking stacks that you need to avoid.

Good luck,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

s.dein
OpenVpn Newbie
Posts: 1
Joined: Wed Dec 01, 2021 7:48 am

Re: Multiple connectors on same server

Post by s.dein » Wed Dec 01, 2021 7:58 am

I have similar question.
And the main reason is that I need to setup the access of different users to different computers behind gateway which works via openvpn connector.
It was easy in Access Server via User Permission.
But how I could do it in OpenVpn Cloud?
Do I have to create separate network for each of the user group?

Regards,
Stephen

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1332
Joined: Tue Feb 16, 2021 10:41 am

Re: Multiple connectors on same server

Post by openvpn_inc » Wed Dec 08, 2021 10:15 am

Hello s.dein,

That sounds like a different question to me. The original question was about having multiple OpenVPN tunnels open from the same connector. What you're describing sounds to me like it can be solved with just one OpenVPN tunnel from one connector. Once that tunnel is established you can route the entire private network through that one tunnel to OpenVPN Cloud, and from there access to the resources in the private network can be granted.

In OpenVPN Cloud, under Networks, you can use the site-to-site connectivity. This lets you set up a Connector that connects the whole private network to your OpenVPN Cloud environment, and then you can have other OpenVPN Cloud connected users access resources in that private network. That doesn't require multiple OpenVPN tunnels.

Kind regards,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

sandeepyy
OpenVpn Newbie
Posts: 1
Joined: Tue Feb 15, 2022 8:54 pm

OpenVPN cloud over aws transitgateway

Post by sandeepyy » Tue Feb 15, 2022 8:59 pm

Hello

We have been using open vpn access server and centrally controlling the traffic through multi-account vpc transit gateway

Is it possible to make same setup using openvpn cloud ? if yes then how that steps should ? Please give a details information since am newbie to openvpn cloud

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1332
Joined: Tue Feb 16, 2021 10:41 am

Re: Multiple connectors on same server

Post by openvpn_inc » Fri Feb 18, 2022 10:28 am

Hello sandeepy,

Yes it is possible to do similar with OpenVPN Cloud. You can set up the transit gateway connections so all the subnets are reachable from the VPC you install the connector on. Then you connect this connector to OpenVPN Cloud with one VPN tunnel. Then you can tell OpenVPN Cloud which subnets are reachable through that connector. Traffic can then be relayed from clients connected to OpenVPN Cloud to the connector, and from there onto the rest of your AWS network.

If reverse is necessary, from AWS networks to OpenVPN Cloud, you'll have to ensure routing is used and that the networks are aware of the OpenVPN Cloud subnet(s).

Kind regards,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

Post Reply