Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Open vpn multiple site to site S2S vs SSL/TLS

    OpenVPN
    2
    3
    1.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      yaboc
      last edited by

      currently i'm using IPSEC for site to site (10 tunnels) but I saw a faster performance when I tried to switch one over to OpenVPN (P2P shared key).

      If i need to add more OpenVPN S2S can i continue using shared key and just add clients at the rest of the locations connecting to the main site? Or create a new server for each client ? Or do i need to switch to P2P SSL\TLS for openVPN multisite ?

      When I tried to just add more clients connecting to the site using SharedKey connections weren't that stable.

      Can someone shed some light on how to approach this ?

      Thank you,

      y

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        Shared Key is 1:1  – One client to one Server

        SSL/TLS can work either way. If you want only one server process and multiple clients, it must be SSL/TLS.

        That style of setup is explained at https://doc.pfsense.org/index.php/OpenVPN_Site-to-Site_PKI_%28SSL%29 -- be careful to follow everything, especially the parts about client specific overrides and iroutes.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • Y
          yaboc
          last edited by

          thanks jimp. i will go with SSL/TLS method. appreciate the link.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.