VPN with client-to-client direct connectivity?
Posted
by
Johannes Ernst
on Server Fault
See other posts from Server Fault
or by Johannes Ernst
Published on 2014-08-19T03:11:04Z
Indexed on
2014/08/19
4:22 UTC
Read the original article
Hit count: 450
When setting up a VPN, clients (say client1 and client2) usually authenticate to a server, and together the three constitute the VPN. When client1 wishes to send a packet to client2, this packet usually gets routed by way of server.
Are there products / configuration blueprints for products where it is possible to send packets directly from client1 to client2 without going though server? (if the underlying network topology permits it, e.g. no firewalls in the way)
If not, is there a way by which client1 can send a packet to client2 by way of server, without the server being able to snoop on the content of the packet? (E.g. because the packet is encrypted with the public key of client2)
I just asked in the OpenVPN forum, and the answer I got was "not with OpenVPN". So my question is: are there other products with which this is possible? Open-source preferred ...
One use case: client1 and client2, typically in separate offices, find themselves both at headquarters. Do they still need to talk to each other via the public internet?
Links appreciated. Thank you.
© Server Fault or respective owner