OPNsense Forum

English Forums => Virtual private networks => Topic started by: deepahw02 on June 26, 2022, 09:55:19 am

Title: There will be OPNsense routers at each end of the connection
Post by: deepahw02 on June 26, 2022, 09:55:19 am
I want to connect two remote sites over some kind of VPN connection with a layer 3 link --- at least I think it needs layer 3:

There is an access point controller on one of the sites that controls wireless access points.  It hands out IP addresses to the access points via DHCP and communicates over some tunnel it establishes between them and itself.  So I think I need a connection that lets layer 3 broadcasts go through for the broadcasts to work.

The access point controller is in its own VLAN.  I want to extend that VLAN to the remote site.  So far, I have always used routed connections, i.e. IPsec and WireGuard.  There is currently a routed IPsec connection between the sites which is going to be replaced with WireGuard.

There will be OPNsense routers at each end of the connection.  Should I use IPsec or OpenVPN for this?  Or should I use something else, like a tunnel over a WireGuard connection?
Title: Re: There will be OPNsense routers at each end of the connection
Post by: bartjsmit on June 26, 2022, 03:01:29 pm
OpenVPN is much easier to configure than IPsec but you already have WireGuard. Layer 3 VPN means that you need to continue routing the networks. Broadcast is at layer 2 and you also need to stretch the VLAN over a layer 2 VPN tunnel.

Generally, this is a bad idea, since all broadcasts need to travel across the WAN. If your use case is DHCP, use a server in each broadcast domain, or a DHCP relay if you need central control.

What exact layer 2 traffic needs to go across the link?

Bart...