FEATURE REQUEST: Multiple VPN profiles able to be connected simultaneously.

Comments

8 comments

  • Avatar
    Firewalla

    What will be your use case? we got a couple of requests on this already, but most of it is relating to Netflix or accessing geo-protected video sources.

    0
    Comment actions Permalink
  • Avatar
    mastadon extinction

    Thank you for the quick reply. I have a few reasons. 1. I have a separate virtual server environment with a few apps on a virtual network. I'd use at least one VPN client connection to access that. 2. I routinely scrape address data and contact information from various search engines for research/marketing purposes. This helps me analyze school district density etc. The search engines sometimes get finicky when you have a bunch of traffic from one IP address and they think you are doing something nefarious which I'm not. Lastly, My close friends/associates run VPN servers with their own dedicated environment and It would be nice to have vpn connections established with them so I can pass information securely as I see fit without having to disconnect my previously established VPN connections. 

    0
    Comment actions Permalink
  • Avatar
    James Willhoite

    You can add multiple profiles with Firewalla VPN but it is not supported via the Firewalla User Interface. You would have to configure it all via the terminal. I set up one other profile on mine to link a RaspberryPi to the Firewalla. It had to be custom as I could not put any ports on the RaspberryPi through the firewall.

    0
    Comment actions Permalink
  • Avatar
    mastadon extinction

    James, In the user interface, you can build multiple vpn profiles. That's not the issue. the issue is that within the user interface, you can only CONNECT to one profile at a time at least that what it appears like.(if you found a way to connect to multiple vpn servers based off of different profiles please let me know.)

     

    0
    Comment actions Permalink
  • Avatar
    James Willhoite

    I thought you meant incoming profiles. But again, you can connect to multiple ones outgoing, but not through the UI. And you cannot use the “only allow these” computers to access it through the UI. You will have to start it and then add some iptables entries for it to work. I have a custom script that will connect to a OpenVPN (RaspberryPI) not through the UI.
    *note* of you do this, Firewalla may not offer support on that side as it is “outside” of their system. They have been helpful with me and offering some support for different things I’ve done to my box, but I try not to bug them if it does not involve their system.

    You can load the profile through the UI and then find the config in the box and then issue openvpn -config (two dashes, autocorrect will not let two for me here) to connect.

    0
    Comment actions Permalink
  • Avatar
    mastadon extinction

    thanks James.  Yeah i understand you can finagle the CLI and some scripts to get multiple connections. I think Firewalla should include that capability in their app. It shouldn't be hard. This is the reason. Anonymity is trending. People want that more and more. Having the ability to use separate VPN connections to assign to each "segment" of your network furthers that goal. I can also think of multiple use cases for SOHO's and other similar setups.  Are there going to be people who primarily want it to circumvent geo-blocked content? yeah obviously. That isn't a good reason not to include a feature though. Can easily do that with just one VPN connection and rotate through profiles depending on what you are watching. My point is, I think by offering this capability in the app, Firewalla will be stepping ahead of its peers in a big way by allowing flexible secure connections for all its segments. Imagine this.  Segment A of network VPN's to VPN server A. Segment B VPN's to VPN server B, Segment C to Vpn server C...so on and so forth. I see alot of sweet things that could be done with that setup and it would be really awesome if I could set that up via the app. If firewalla can pull it off, they can at least be assured i'd be bragging on my FWG for life.

    0
    Comment actions Permalink
  • Avatar
    James Willhoite

    Yes that would be nice. I can see where that would benefit a lot of people. For me, I need something more custom. That is why I scripted a way for the OpenVPN to connect to a Pi (at my parents house). I also set up L2TP/IPSEC/IKEv2 on my Firewalla to connect into my work network.

    0
    Comment actions Permalink
  • Avatar
    Andy

    Adding use case for multiple VPN client, for me using a site-site or remote VPN to another Firewalla, and VPN to a 3rd party at same time.

    0
    Comment actions Permalink

Please sign in to leave a comment.