If thinking of only Site-to-Site VPN , then OpenVPN and WireGuard is no much different , or even current one is gpod. Only only time setup at router. However if considering of Mobile Client, OpenVPN is more complicated.
The only concern now is multiple people in the same public IP need to access the VPN. And this consideration will be OpenVPN or Wireguard to handle this requirement. And for this purpose of multiple people in same public ip need to access to VPN, then we will have think of usability and easy installation of VPN client. We are using OpenVPN for more then 5 years, but always there is new PC need to configure VPN Client, windows , android, ios, it is painful ( we are not using access server) . Currently we test on WireGuard, just forgot about performance or whatsoever, just the conveniences of implementation, that is very great and easy for client installation , even mobile client on phone or tablet. On Fri, Jun 11, 2021 at 5:04 PM Daan Hoogland <daan.hoogl...@gmail.com> wrote: > This is a potential religious debate, I think it makes the most sense to > try and make the provider optional and let the operator or even the > end-user decide. I see how this is an extra challenge, but does it make > sense? > > On Thu, Jun 10, 2021 at 10:24 AM Rohit Yadav <rohit.ya...@shapeblue.com> > wrote: > > > All, > > > > We've historically supported openswan and nowadays strongswan as the VPN > > provider in VR for both site-to-site and remote access modes. After > > discussing the situation with a few users and colleagues I learnt that > > OpenVPN is generally far easier to use, have clients for most OS and > > platforms (desktop, laptop, tablet, phones...) and allows multiple > clients > > in the same public IP (for example, multiple people in the office > sharing a > > client-side public IP/nat while trying to connect to a VPC or an isolated > > network) and for these reasons many users actually deploy pfSense or > setup > > a OpenVPN server in their isolated network or VPC and use that instead. > > > > Therefore for the point-to-point VPN use-case of remote access [1] does > it > > make sense to switch to OpenVPN? Or, are there users using > > strongswan/ipsec/l2tpd for remote access VPN? > > > > A general-purpose VPN-framework/provider where an account or admin (via > > offering) can specify which VPN provider they want in the network > > (strongswan/ipsec, OpenVPN, Wireguard...). However, it may be more > complex > > to implement and maintain. Any other thoughts in general about VPN > > implementation and support in CloudStack? Thanks. > > > > [1] > > > http://docs.cloudstack.apache.org/en/latest/adminguide/networking_and_traffic.html#remote-access-vpn > > > > > > > > Regards. > > > > > > > > > > -- > Daan > -- Regards, Hean Seng
