Host OpenVPN server on public machine or private

0

I have several VPSs, the office server (static IP, but not listed on any DNS), and 2 road warriors.

All of these machines ultimately want resources on the office server (maybe occasionally a road warrior wants something from a VPS).

Is it best to host the OpenVPN server on my office machine, in its own VLAN? Any reason why it would be better to host on a VPS and make the office a client? (My office ISP upstream bandwidth is not always fantastic either).

Does it really matter where the server is hosted?

user2097818

Posted 2014-12-10T10:13:22.057

Reputation: 480

Answers

1

OpenVPN uses a hub-and-spoke network topology, so you should host your server on the network that most peers want to reach. In your case, it sounds like that would be your office server.

This is purely a performance/optimization thing. As long as the machines are always available, it could work with any other machine as a server too.

Steffan Karger

Posted 2014-12-10T10:13:22.057

Reputation: 551

Is it normal to tunnel all traffic through the server? (spoke to spoke) Is it unwise/painful to configure peer2peer direct after authentication? – user2097818 – 2014-12-11T00:12:32.967

Yes, this is how OpenVPN works. You could also connect the 'spokes' directly with another OpenVPN connection, but that would be separate from the other server. If you want mesh networking, you could take a look at tinc. – Steffan Karger – 2014-12-11T22:05:51.513
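The hub-and-spoke trade-off discussed in this thread can be put into numbers. The following is an added example, not part of the original question or answer: it routes a set of flows through each candidate hub and reports how much the office uploads and how much traffic takes an extra hop. The peer names (`rw1`, `rw2`, `vps1`) and the traffic volumes are constructed assumptions.

```python
# Constructed sample flows in MB/day: (source, destination, volume).
# Peer names and volumes are illustrative assumptions, not from the post.
FLOWS = [
    ("office", "rw1", 400),   # office server answering road warrior 1
    ("office", "rw2", 300),   # office server answering road warrior 2
    ("office", "vps1", 500),  # office server answering a VPS
    ("vps1", "office", 200),
    ("rw1", "office", 50),
    ("vps1", "rw1", 100),     # occasional spoke-to-spoke traffic
]


def hub_load(flows, hub):
    """Return ({peer: (upload, download)}, relayed_mb) when `hub` is the server.

    In hub-and-spoke every flow travels src -> hub -> dst. A flow that starts
    or ends at the hub takes one hop; any other flow is relayed by the hub.
    """
    load = {}

    def add(peer, up=0, down=0):
        u, d = load.get(peer, (0, 0))
        load[peer] = (u + up, d + down)

    relayed = 0
    for src, dst, mb in flows:
        add(src, up=mb)
        add(dst, down=mb)
        if hub not in (src, dst):
            add(hub, up=mb, down=mb)  # hub receives the data and re-sends it
            relayed += mb
    return load, relayed


def compare(flows, candidates):
    """Summarise office uplink use and relayed volume for each candidate hub."""
    summary = {}
    for hub in candidates:
        load, relayed = hub_load(flows, hub)
        summary[hub] = {"office_upload": load["office"][0], "relayed": relayed}
    return summary


if __name__ == "__main__":
    for hub, stats in compare(FLOWS, ["office", "vps1"]).items():
        print(hub, stats)
```

With these sample numbers, moving the server to the VPS relieves the office uplink only of the spoke-to-spoke traffic, while everything the office serves to the road warriors now takes a second hop.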