Page 1 of 1

Multiple connectors on same server

Posted: Mon Nov 15, 2021 11:39 am
by liormmm
Hi guys,

I've recently created an OpenVPN Cloud account in order to test it before deciding to migrate our currently (very) outdated OVPN on-premise. We have three different profiles with different network restrictions running on our current set up and I would like to have something like that with the Cloud solution and the connector.
I have already set up one connector on a Debian 10 accessing just fine some of our networks and I would like to set up another one on the same server, but with different networks configured. Is there a way to have two (or more) connector configs running on the same server? I couldn't find it in the Connector installation documentation.

Thanks in advance!
Best regards
Lior.

Re: Multiple connectors on same server

Posted: Tue Nov 16, 2021 4:25 pm
by openvpn_inc
Hello Lior,

In theory running multiple OpenVPN Cloud connector connections is most likely okay. I say most likely, because the problem is you have to avoid IP and routing conflicts at all costs now. OpenVPN Cloud uses an internal VPN subnet, and if you connect one system to different OpenVPN Cloud setups, then these internal VPN subnets are going to collide if they are the same - but the good news is you can change those subnets, per OpenVPN Cloud tenant. But it's a particular range per OpenVPN Cloud tenant. Trying to connect three times at the same time to the same OpenVPN Cloud tenant is going to be a problem.

Then you have to deal with routing conflicts. The subnets that this one system should have access via the various OpenVPN connections should also not collide. Otherwise the system will not know where to send this traffic.

Yes, it can be done. But you have to pay a lot of very careful attention to the VPN IP address ranges and the subnets that this connector has access to. Also, if this connector is giving access to your private subnet that the connector is on, then you have a problem. It can only travel through one VPN tunnel, not all 3 of them.

However, should you? My advise would be - don't. Just set up separate virtual machines. You're asking for IP and routing conflicts and support on this will most likely be lacking from our side - better to separate it.

Kind regards,
Johan

Re: Multiple connectors on same server

Posted: Fri Nov 19, 2021 7:03 am
by Stephanie_Sy
I can have a different batch file to execute on my local windows computer to establish the connection, though it would be ideal if I can have both servers connected at the same time to use in my reporting.

Re: Multiple connectors on same server

Posted: Tue Nov 30, 2021 4:55 pm
by openvpn_inc
Hello Stephanie_Sy,

Yes perhaps it would be ideal but to ensure you don't get routing or subnets conflicts you have to take care not to cause those. I'm not against doing multiple connections, and it is certainly possible, but I'm just warning that you that there are limitations in networking stacks that you need to avoid.

Good luck,
Johan

Re: Multiple connectors on same server

Posted: Wed Dec 01, 2021 7:58 am
by s.dein
I have similar question.
And the main reason is that I need to setup the access of different users to different computers behind gateway which works via openvpn connector.
It was easy in Access Server via User Permission.
But how I could do it in OpenVpn Cloud?
Do I have to create separate network for each of the user group?

Regards,
Stephen

Re: Multiple connectors on same server

Posted: Wed Dec 08, 2021 10:15 am
by openvpn_inc
Hello s.dein,

That sounds like a different question to me. The original question was about having multiple OpenVPN tunnels open from the same connector. What you're describing sounds to me like it can be solved with just one OpenVPN tunnel from one connector. Once that tunnel is established you can route the entire private network through that one tunnel to OpenVPN Cloud, and from there access to the resources in the private network can be granted.

In OpenVPN Cloud, under Networks, you can use the site-to-site connectivity. This lets you set up a Connector that connects the whole private network to your OpenVPN Cloud environment, and then you can have other OpenVPN Cloud connected users access resources in that private network. That doesn't require multiple OpenVPN tunnels.

Kind regards,
Johan

OpenVPN cloud over aws transitgateway

Posted: Tue Feb 15, 2022 8:59 pm
by sandeepyy
Hello

We have been using open vpn access server and centrally controlling the traffic through multi-account vpc transit gateway

Is it possible to make same setup using openvpn cloud ? if yes then how that steps should ? Please give a details information since am newbie to openvpn cloud

Re: Multiple connectors on same server

Posted: Fri Feb 18, 2022 10:28 am
by openvpn_inc
Hello sandeepy,

Yes it is possible to do similar with OpenVPN Cloud. You can set up the transit gateway connections so all the subnets are reachable from the VPC you install the connector on. Then you connect this connector to OpenVPN Cloud with one VPN tunnel. Then you can tell OpenVPN Cloud which subnets are reachable through that connector. Traffic can then be relayed from clients connected to OpenVPN Cloud to the connector, and from there onto the rest of your AWS network.

If reverse is necessary, from AWS networks to OpenVPN Cloud, you'll have to ensure routing is used and that the networks are aware of the OpenVPN Cloud subnet(s).

Kind regards,
Johan