Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
There will be OPNsense routers at each ends of the connections
« previous
next »
Print
Pages: [
1
]
Author
Topic: There will be OPNsense routers at each ends of the connections (Read 752 times)
deepahw02
Newbie
Posts: 2
Karma: 0
There will be OPNsense routers at each ends of the connections
«
on:
June 26, 2022, 09:55:19 am »
I want to connect two remote sites over some kind of VPN connection with a layer 3 link --- at least I think it needs layer 3:
There is an access point controller on one of the sites that controls wireless access points. It hands out IP addresses to the access points via DHCP and communicates over some tunnel it estblishes between them and itself. So I think I need a connection that lets layer 3 broadcasts go through for the broadcasts to work.
The access point controller is in its own VLAN. I want to extend that VLAN to the remote site. So far, I have always used routed connections, i. e. IPsec and wireguard. There is currently a routed IPsec connection between the sites which is going to be replaced with wireguard.
There will be OPNsense routers at each ends of the connections. Should I use IPsec or OpenVPN for this? Or should I use something else, like a tunnel over a wireguard connection?
เว็บพีจีสล็อต
Logged
bartjsmit
Hero Member
Posts: 2017
Karma: 194
Re: There will be OPNsense routers at each ends of the connections
«
Reply #1 on:
June 26, 2022, 03:01:29 pm »
OpenVPN is much easier to configure than IPSec but you already have Wireguard. Layer 3 VPN means that you need to continue routing the networks. Broadcast is at layer 2 and you also need to stretch the VLAN over a layer 2 VPN tunnel.
Generally, this is a bad idea, since
all
broadcasts need to travel across the WAN. If your use case is DHCP, use a server in each broadcast domain, or a DHCP relay if you need central control.
What exact layer 2 traffic needs to go across the link?
Bart...
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
There will be OPNsense routers at each ends of the connections