VPN with client-to-client direct connectivity?

Posted by Johannes Ernst on Server Fault See other posts from Server Fault or by Johannes Ernst
Published on 2014-08-19T03:11:04Z Indexed on 2014/08/19 4:22 UTC
Read the original article Hit count: 450

Filed under:
|

When setting up a VPN, clients (say client1 and client2) usually authenticate to a server, and together the three constitute the VPN. When client1 wishes to send a packet to client2, this packet usually gets routed by way of server.

Are there products / configuration blueprints for products where it is possible to send packets directly from client1 to client2 without going though server? (if the underlying network topology permits it, e.g. no firewalls in the way)

If not, is there a way by which client1 can send a packet to client2 by way of server, without the server being able to snoop on the content of the packet? (E.g. because the packet is encrypted with the public key of client2)

I just asked in the OpenVPN forum, and the answer I got was "not with OpenVPN". So my question is: are there other products with which this is possible? Open-source preferred ...

One use case: client1 and client2, typically in separate offices, find themselves both at headquarters. Do they still need to talk to each other via the public internet?

Links appreciated. Thank you.

© Server Fault or respective owner

Related posts about vpn

Related posts about openvpn