Can OpenVPN be used for site-to-site VPN?

Can you use OpenVPN on a Mac?

- vinay
======.

chmaynard. I don't think so, but I don't have a Mac. I don't think it's possible to install OpenVPN on a Mac without booting into Linux. The only way to do it is to download and install a VM of Linux. DannoHung. I think you're right. I tried it with the latest version of OpenVPN and OSX It told me to boot to Linux. -----. Vbsteven. You can try using a VM. You can even have it run as a full OS.

Michaelpinto. Yes, I use OpenVPN on my MacBook Pro running Mountain Lion.

Can OpenVPN be used for site-to-site VPN?

I have an idea that I want to implement, and it involves allowing people to create a site-to-site VPN.

I understand that OpenVPN is commonly used for site-to-site VPN and it will also allow clients to change IP's. Does this mean I can use OpenVPN for site-to-site VPN without any problems? Can clients using OpenVPN be able to see the entire network with access to hosts? Yes, it can be. As long as one of the hosts in the VPN is a DHCP server, it can also function as a simple LAN bridge.

There are issues if you require authentication on the tunnel, so it's probably best to run a separate gateway that's just for the VPN. For most scenarios you don't need a proxy anyway, so this should be sufficient.

You could, but it seems like overkill. OpenVPN is mainly used for client-to-client connections where the clients are directly connected to each other; not as a site-to-site connection where the site provides access to its clients. If you have access to your endpoints from the Internet you can open up a static IP to each of them, then create a single openVPN endpoint and set the route for your endpoints through it. From there you'd be able to have them access the network. (If you need authentication set up the openVPN endpoint as a RADIUS server.)
You could make a static route on the OpenVPN endpoint, but I'm not sure how that works, and I'm not sure it would necessarily work well.

How to configure site-to-site VPN in OpenVPN?

OpenVPN is an open-source, very flexible VPN solution which is suitable for a variety of usage scenarios and has a lot of community-supported features.

It can support both client-to-site or site-to-site connections and is commonly used for configuring corporate VPN.

In this post, I'll show how to configure OpenVPN as site-to-site VPN and configure the firewall rules. Since this configuration is quite different from other VPN configuration, I don't expect it to be widely used by regular people. I will describe the common configurations in this post first.

Site-to-site VPN. Since most OpenVPN servers will allow multiple clients to connect to it at the same time, it's really simple to create a client-to-site VPN. If you have just one client, then you can either create a static route in your firewall and route all the traffic destined to the OpenVPN server via your VPN gateway (iptables, PF), or if you have a static IP on your server, just create a host route.

# Host route # IP Address for this node to reach the rest of the network 192.168.22 # IP for "serverip" to reach this node via VPN 10.1 # IP for "serverip" to reach this node via DMZ 192.22

As this is a static route, OpenVPN doesn't send the VPN interface on eth0 so it's much easier to configure. However, there's one small problem with this approach. A single route is not secure enough to be protected by a firewall. You need another route which is secured by a firewall. So how do we do that?

Securing the static route. Since you have a static route defined, you should have a virtual server behind the OpenVPN server to provide security. And to provide security, we need two types of virtual servers: NAT server. Both virtual servers provide protection for the static route by checking the origin of the packets. However, a static route isn't really a VPN so we also need to apply IPSec encryption for the route. IPSec is a protocol to encrypt all traffic between two endpoints.

How to setup site 2 site VPN?

Any suggestions for VPN providers
Any one knows this before help ?168.3. I know we can setup VPN between 2 sites, but how to add site 2 site VPN

If I need to use 1/1 connection for both sites, so it's a problem for me and others too. What you are trying to do can be very complex. First you would have to install VPN on your Server 1 (where site 2 is located). You would also need the VPN client installed on site 2.