If would to change / add VPN protocol, I would suggest WiredGuard. OpenVPN is great, but key-based installation is much more difficult / painful to configure Windows Base Client. / Mobile Client (Android. IOS) OpenVPN easier deployment is on Access Server , which is paid services ( correct me if I am wrong )
On Thu, Jun 10, 2021 at 9:31 PM Stênio Firmino <ste...@usp.br.invalid> wrote: > OpenVPN support will be great. S2S > -- > Stênio Firmino Filho > Chefe de Seção Técnica - SCINT - CETiSP > Superintendência de Tecnologia da Informação > Universidade de São Paulo > Av. Prof. Luciano Gualberto, travessa 3, 71 > CEP 05.508-010 - São Paulo/SP > > > On Thu, Jun 10, 2021 at 8:46 AM Andrija Panic <andrija.pa...@gmail.com> > wrote: > > > +1 > > > > as it's, these days, a de facto standard for every VPN device/provider - > > and there is great support with OpenVPN clients for all client Operating > > Systems. > > > > On Thu, 10 Jun 2021 at 11:24, Alex Mattioli <alex.matti...@shapeblue.com > > > > wrote: > > > > > +1 on OpenVPN, and then a framework later on. > > > > > > > > > > > > > > > -----Original Message----- > > > From: Rohit Yadav <rohit.ya...@shapeblue.com> > > > Sent: 10 June 2021 10:25 > > > To: dev@cloudstack.apache.org; us...@cloudstack.apache.org > > > Subject: [DISCUSS] Moving to OpenVPN as the remote access VPN provider > > > > > > All, > > > > > > We've historically supported openswan and nowadays strongswan as the > VPN > > > provider in VR for both site-to-site and remote access modes. After > > > discussing the situation with a few users and colleagues I learnt that > > > OpenVPN is generally far easier to use, have clients for most OS and > > > platforms (desktop, laptop, tablet, phones...) and allows multiple > > clients > > > in the same public IP (for example, multiple people in the office > > sharing a > > > client-side public IP/nat while trying to connect to a VPC or an > isolated > > > network) and for these reasons many users actually deploy pfSense or > > setup > > > a OpenVPN server in their isolated network or VPC and use that instead. > > > > > > Therefore for the point-to-point VPN use-case of remote access [1] does > > it > > > make sense to switch to OpenVPN? Or, are there users using > > > strongswan/ipsec/l2tpd for remote access VPN? > > > > > > A general-purpose VPN-framework/provider where an account or admin (via > > > offering) can specify which VPN provider they want in the network > > > (strongswan/ipsec, OpenVPN, Wireguard...). However, it may be more > > complex > > > to implement and maintain. Any other thoughts in general about VPN > > > implementation and support in CloudStack? Thanks. > > > > > > [1] > > > > > > http://docs.cloudstack.apache.org/en/latest/adminguide/networking_and_traffic.html#remote-access-vpn > > > > > > > > > > > > Regards. > > > > > > > > > > > > > > > > > > > -- > > > > Andrija Panić > > > -- Regards, Hean Seng
