+1 on OpenVPN, and then a framework later on.
-----Original Message----- From: Rohit Yadav <rohit.ya...@shapeblue.com> Sent: 10 June 2021 10:25 To: dev@cloudstack.apache.org; us...@cloudstack.apache.org Subject: [DISCUSS] Moving to OpenVPN as the remote access VPN provider All, We've historically supported openswan and nowadays strongswan as the VPN provider in VR for both site-to-site and remote access modes. After discussing the situation with a few users and colleagues I learnt that OpenVPN is generally far easier to use, have clients for most OS and platforms (desktop, laptop, tablet, phones...) and allows multiple clients in the same public IP (for example, multiple people in the office sharing a client-side public IP/nat while trying to connect to a VPC or an isolated network) and for these reasons many users actually deploy pfSense or setup a OpenVPN server in their isolated network or VPC and use that instead. Therefore for the point-to-point VPN use-case of remote access [1] does it make sense to switch to OpenVPN? Or, are there users using strongswan/ipsec/l2tpd for remote access VPN? A general-purpose VPN-framework/provider where an account or admin (via offering) can specify which VPN provider they want in the network (strongswan/ipsec, OpenVPN, Wireguard...). However, it may be more complex to implement and maintain. Any other thoughts in general about VPN implementation and support in CloudStack? Thanks. [1] http://docs.cloudstack.apache.org/en/latest/adminguide/networking_and_traffic.html#remote-access-vpn Regards.
