Multiple NordVPN Clients [Under Opnsense]
Posted: Mon Jul 10, 2023 4:08 pm
Good Morning!
I wanted to throw out what I want, what I have and then how I should progress.
Currently on OPNSense I am running 'a' client on OpenVPN using NordVPN. Currently anything on the network goes out using the VPN; Perfect.
What I want is to create another instance/client. My thoughts were to have;
192.168.5.2 - 192.168.5.128 = Client 1
192.168.5.129 - 192.168.5.192 = Client 2
192.168.5.193 - 192.168.5.256 = NON VPN
Currently with Opnsense using the 1 Client, all I am doing is defining 'outbound' for certain IP's to not be on VPN and works well.
My issue is this... When creating this new 2nd client config; Do I need to create a new authority certificate or can I use the same 1 for both. Do I need to create another virtual interface for vpn2. Can I create a 2nd client under the main client or do I need to create a 2nd independent client?
Should I, instead of dividing the one network, create vlan1 = VPN1, vlan2 = VPN2 and vlan3 to be local WAN non VPN?
These of course do not need to be literals. The facts are I want 2 VPN's and choose what groups of IP's belong to what and then my current network is 192.168.5.0.
I hope this makes sense and can be modded or responded with whatever makes better sense. Sorry if this comes across as dumb or the bigger picture I am not seeing but I would really like your help.
I wanted to throw out what I want, what I have and then how I should progress.
Currently on OPNSense I am running 'a' client on OpenVPN using NordVPN. Currently anything on the network goes out using the VPN; Perfect.
What I want is to create another instance/client. My thoughts were to have;
192.168.5.2 - 192.168.5.128 = Client 1
192.168.5.129 - 192.168.5.192 = Client 2
192.168.5.193 - 192.168.5.256 = NON VPN
Currently with Opnsense using the 1 Client, all I am doing is defining 'outbound' for certain IP's to not be on VPN and works well.
My issue is this... When creating this new 2nd client config; Do I need to create a new authority certificate or can I use the same 1 for both. Do I need to create another virtual interface for vpn2. Can I create a 2nd client under the main client or do I need to create a 2nd independent client?
Should I, instead of dividing the one network, create vlan1 = VPN1, vlan2 = VPN2 and vlan3 to be local WAN non VPN?
These of course do not need to be literals. The facts are I want 2 VPN's and choose what groups of IP's belong to what and then my current network is 192.168.5.0.
I hope this makes sense and can be modded or responded with whatever makes better sense. Sorry if this comes across as dumb or the bigger picture I am not seeing but I would really like your help.