Multiple VPNs use the same IP-Network



  • hello,
    it's stated that one can install multiple VPNs:
    "This app can be installed multiple times to create independent OpenVPN instances"

    which leads to having the same IP-network 10.8.x.x on all VPNs.
    which means, on can not connect to different VPNs at the same time.

      inet 10.8.0.6 peer 10.8.0.5/32 brd 10.8.0.6 scope global noprefixroute tun0
      inet 10.8.0.6 peer 10.8.0.5/32 brd 10.8.0.6 scope global noprefixroute tun1
    

    and during installation, an already used port is suggested.
    it would be nice if one can configure the IP-Networks by oneself, or at least don't use already used Networks.
    are there any possibilities to change it, if not, can you pls. fix this?

    TIA
    guenter



  • Hi @chymian ,

    I am curious: What is the use case for connecting from one client to multiple openvpn apps running on the same cloudron?



  • hey @fbartels,
    usecase is i.e.:
    I have several (cloud-/hosted-) servers which I need connection to.
    and I do have customers, where I need to have remote-access to their infrastructure *), but they must not have access to mine.
    not using a multi-purpose VPN yet, to hide (me and as service for my customers) behind my cloudron if abroad, since it's only a bridged and not a routed VPN.

    *) it would also be nice to have a disable switch to disconnect their NAS/servers, which automaticaly connect.

    on the other hand: what is a multiple-VPN ability on a server for, when I can not use them at the same time?
    JMTC

    regards
    guenter



  • OK, so you have a vpn where you connect your servers to, and another vpn where your clients connect to.

    I had a quick look at the code of the app and it seems quite possible to have the IP net configurable, e.g. Inhttps://git.cloudron.io/cloudron/openvpn-app/blob/master/openvpn-conf.sh#L20

    I an not entirely sure where DHCP comes from in the app. Could not find it with my short look.



  • This is an interesting use case one which we did not consider - where the same machine connects to multiple VPNs. As suggested, we can look into making the network IP of each instance more dynamic so that this works out of the box.