this is related to another post on this forum viewtopic.php?f=1&t=25310&p=74532#p74532
I have been thinking about this.. and then I also thought that perhaps, I am not approaching this right from the very start. What we did was just put in what we think will work, without really thinking it over and planning it well.
I've thought it over again and perhaps indeed we haven't thought it over well... and this somehow gives me a forum to solicit ideas on what best setup to implement on this.
The current setup (the given):
Multi WAN router providing LAN services (printer, internet sharing) to a Remote Office LAN.
A Head office that has 3 WAN IP addresses
Remote Office users need to access remote desktop application from the Remote Office LAN into the Head Office.
Setup:
Head Office Setup
1. WAN IP1 - xxx.xxx.xxx.xxx
2. WAN IP2 yyy.yyy.yyy.yyy
3. WAN IP3 - zzz.zzz.zzz.zzz
Remote Desktop Terminal Server at Head Office
192.168.100.xyz
192.168.100.abc
Remote Office Setup
1. WAN IP1 - dynamic
2. WAN IP2 - dynamic
3. LAN - 192.168.111.0/24
(remote office uses a Multi Wan linux router setup using source based policy routing, gwping script for Load balancing and failover)
Objective:
Provide Remote Desktop access for the Remote Office LAN users into the Terminal Server at the Head Office
Option 1 - directly launch RDP from Remote Office clients into the WAN IPs
Option 2 - Setup OpenVPN server at the Head Office; each client in the Remote Office LAN initiates its own OpenVPN client, and use that link to the Head office to launch RDP
Option 3 - similar to Option 2, but setup the VPN link on the multi wan router, and set it up in such a way that the Remote LAN clients can access the Head Office LAN machines (so it can access the Terminal Server machine)
I have tried Option 1 and we are now on Option 2.. but bandwidth problems are bugging us. Incidentally, the OpenVPN server setup at the Head Office used TAP (bridging)... I am not sure if using a TUN will improve performance.. I think it will.. but I am not sure...
recommended OpenVPN setup
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech