Site-to-Site VPN

I’m new to setting up Site-2-Site, and wondering which is better to use: IPsec, L2TP. OpenVPN or Wireguard?

Plan is to have 2 sites,both on different subnets, and to have full access to both networks across both sites.

There will also be about 10 external OpenVPN Road Warriors accessing the network from laptops while on the road!


Wireguard works well for site to site.

1 Like

In the one situation where I need this, I used to do it with OpenVPN. Though I have since switched to using Wireguard, which I find to be much easier to set up. There are just way fewer configuration options with Wireguard.

Also Wireguard allows for some interesting topologies. Since there is no inherent concept of server and client, but rather everyone is a peer, you can invert some of the principles of, for example, OpenVPN, if you desire. Typically you would have a server maintaining connections to multiple clients, with one client only connecting to one server at the same time. But with Wireguard, I believe (although I have not tested this specifically) you can have a “client” (e.g. road warrior) connect to both sites (and therefore networks) directly as needed, without having to elect one of the sites as the main site (“server” in OpenVPN terms) through which all traffic has to go.

Take a look at SoftEtherVPN

It’s free, open source, and rock solid.