VPN is like having both machines connected with cable in the same private subnet. Could do anything between bidirectionally.<br><br>On Monday, September 16, 2013, Brian Mathis <<a href="mailto:brian.mathis%2Bale@betteradmin.com">brian.mathis+ale@betteradmin.com</a>> wrote:<br>
> On Mon, Sep 16, 2013 at 7:19 PM, Alex Carver <<a href="mailto:agcarver%2Bale@acarver.net">agcarver+ale@acarver.net</a>> wrote:<br>>><br>>> On 9/16/2013 14:21, Brian Mathis wrote:<br>>>><br>
>>> I've not used it for this, but maybe you should look into setting up a VPN<br>>>> between the two servers using OpenVPN. This is essentially the same as<br>>>> what you're looking at using SSH for, except it would actually be a real<br>
>>> VPN instead of hacking some stuff through SSH port forwards.<br>>>><br>>><br>>> I've never set up a VPN so I'll likely have many questions when I get started. For example: if I set up the VPN server on one end and the client on the other then get them connected, is the connection bidirectional such that an initiator (e.g. ssh, browser, etc.) can be on either side or must all connections using the VPN be initiated on the client side of the VPN?<br>
>><br>>> As an example, suppose the app server (machine A) is the VPN client and the file server is the VPN server (machine B) so that A initiates a connection to B. Can an ssh client on B establish a connection to A going backwards from the A->B VPN link?<br>
><br>> In the most basic setup, where you don't mess with routing or anything, you wind up with a point to point link between the 2 systems. Each system gets its own IP address which is part of the VPN network (separate from your existing subnet). Each system should be able to connect to the other by using the VPN IP address (bi-directional), and no other traffic should be routed over that. As long as you don't set the VPN link as the default gateway, it won't affect any other traffic.<br>
><br>><br>> ❧ Brian Mathis<br>><br>><br><br>-- <br>Sent from Gmail Mobile<br>