Nicolas_IST
Junior Member
Hello,
I am looking to implement a network following the following drawing.
Short version: I want to connect several devices (Android or ChromeOS) to remote servers via an OpenVPN on the internet, through a local node (WRT router).
Slightly longer one: I need to connect my on site (supplier) devices to my on site (suppliers) local WRT router thru their (client's) WLAN, via VPN, and then from my on site (suppliers) local WRT router thru their Ethernet LAN/WAN/Internet to my distant (cloud/internet) OpenVPN server which then will forward traffic to my other servers (through VPN also but this is not the topic and is sorted).
What I can think of is:
- Having a local OpenVPN server and client on the WRT router. The devices connect to the server on the WRT router, and traffic is then retunneled through the client on the wrt router to the OpenVPN server on the internet (which then forwards traffic to whatever is needed). Keys for the devices etc are then managed on the WRT router. The distant OpenVPN server then only manages connections to the WRT router/other servers etc.
- Having devices directly connect to the OpenVPN server on the internet, but through the node, the local WRT router, like a proxy would do for regular traffic. Keys etc for all connected devices/servers would then be managed directly on a single VPN server on the internet.
Note we also have some devices connected directly to the WRT router but not through a VPN (hardware not supporting VPN connections), and we need to remote manage them - so, have the WRT router connect them to the VPN.
Which solution would you prefer, which is more secure, and how would you go about setting up the second solution? Would that solution be configurable in the stock Android and ChromeOS clients?
Thank you,
Nicolas
I am looking to implement a network following the following drawing.
Short version: I want to connect several devices (Android or ChromeOS) to remote servers via an OpenVPN on the internet, through a local node (WRT router).
Slightly longer one: I need to connect my on site (supplier) devices to my on site (suppliers) local WRT router thru their (client's) WLAN, via VPN, and then from my on site (suppliers) local WRT router thru their Ethernet LAN/WAN/Internet to my distant (cloud/internet) OpenVPN server which then will forward traffic to my other servers (through VPN also but this is not the topic and is sorted).
What I can think of is:
- Having a local OpenVPN server and client on the WRT router. The devices connect to the server on the WRT router, and traffic is then retunneled through the client on the wrt router to the OpenVPN server on the internet (which then forwards traffic to whatever is needed). Keys for the devices etc are then managed on the WRT router. The distant OpenVPN server then only manages connections to the WRT router/other servers etc.
- Having devices directly connect to the OpenVPN server on the internet, but through the node, the local WRT router, like a proxy would do for regular traffic. Keys etc for all connected devices/servers would then be managed directly on a single VPN server on the internet.
Note we also have some devices connected directly to the WRT router but not through a VPN (hardware not supporting VPN connections), and we need to remote manage them - so, have the WRT router connect them to the VPN.
Which solution would you prefer, which is more secure, and how would you go about setting up the second solution? Would that solution be configurable in the stock Android and ChromeOS clients?
Thank you,
Nicolas
Last edited:
