Openvpn config client-to-client ?

Fetakungen

Hi, i have a running open vpn server on my pfsense box. Problem is that the ping is very high between the client's since all traffic goes through the server. How do i add the –client-to-client argument ? Tried putting it in the advanced option but no result. Is it possible with pfsense version of openvpn ?

In short i want open vpn configured as hamachi.

jimp

client-to-client doesn't do what you're after.

client-to-client only allows the clients to see each other, it doesn't cause them to send their packets directly.

From the OpenVPN documentation:

–client-to-client
              Because the OpenVPN server mode handles multiple clients through
              a  single tun or tap interface, it is effectively a router.  The
              --client-to-client  flag  tells  OpenVPN  to  internally  route
              client-to-client  traffic  rather than pushing all client-origi-
              nating traffic to the TUN/TAP interface.

When this option is used,  each  client  will  "see"  the  other
              clients  which  are currently connected.  Otherwise, each client
              will only see the server.  Don't use this option if you want  to
              firewall tunnel traffic using custom, per-client rules.

This option is available in pfSense on the remote access VPN server mode as "Inter-client communication"

Fetakungen

@jimp:

client-to-client doesn't do what you're after.

client-to-client only allows the clients to see each other, it doesn't cause them to send their packets directly.

From the OpenVPN documentation:

–client-to-client
              Because the OpenVPN server mode handles multiple clients through
              a  single tun or tap interface, it is effectively a router.  The
              --client-to-client  flag  tells  OpenVPN  to  internally  route
              client-to-client  traffic  rather than pushing all client-origi-
              nating traffic to the TUN/TAP interface.

When this option is used,  each  client  will  "see"  the  other
              clients  which  are currently connected.  Otherwise, each client
              will only see the server.  Don't use this option if you want  to
              firewall tunnel traffic using custom, per-client rules.

This option is available in pfSense on the remote access VPN server mode as "Inter-client communication"

So basically Openvpn can't do what i'm after ?

jimp

Not that I'm aware of, no. Not unless you manually setup a mesh of tunnels.

You might look into Tinc.

Fetakungen

@jimp:

Not that I'm aware of, no. Not unless you manually setup a mesh of tunnels.

You might look into Tinc.

I see, i will take a look =).