We recently moved a site from a Netgate appliance to a UniFi UDM SE appliance. While setting up the VPN, we discovered we are only able to set up a single instance of OpenVPN. Is this correct or are we missing something? We can create multiple instances of WireGuard but only a single OpenVPN.
That is correct, they only allow one.
This is unfortunate. Since there is only one OpenVPN server, is there a way to limit VLAN access for specific users? We have only recently begun using UniFi again since they have been improving feature availability. Generally we have used Netgate where this was a pretty simple process.
I don’t think there is a way using their built-in setup, but possibly if you use an external RADIUS server.
If you mean “filter VPN users’ access to certain resources within the LAN VLANs” then you can do this with the Zone Based Firewall. You’ll have to distinguish users based on IP address because the source zone and subnet will be the same for all of the VPN connections.