Site-to-Site VPNs & CloudConnexa

OpenVPN Access Server has been used for establishing site-to-site VPNs for businesses for years now. And, for many businesses, Access Server provides a powerful tool. But today, we’re excited about how our new, next-gen VPN, CloudConnexa addresses the very same situation. For any business looking to grow and scale their site-to-site network securely, CloudConnexa does just that — and with no servers on-premise required, simplifying things extensively for your IT admin. Certainly, there are some businesses for whom Access Server remains the best option, but it all depends on your current needs. 

For any business looking to grow and scale their site-to-site network securely, CloudConnexa does just that — and with no servers on-premise required.

To explain things further, and to expand on the differences in using Access Server or CloudConnexa for your site-to-site VPN, we brought in the team who has worked directly on the products themselves: Rohit Kalbag, Director of Product Management; Kyryl Tumanov, Product Manager for Cloud; and Johan Draaisma, Product Manager for Access Server. 

Why Use A Site-to-Site VPN?

“Site-to-site is important because it allows remote users to use one VPN connection to access resources distributed at various sites,” explains Kalbag. “When all the sites are interconnected to form one VPN, not only can remote users connect to the VPN and access all the resources spread about in multiple sites, but the servers and users at each site can also communicate with other sites.”

Any business which needs to interconnect at least two locations will need a site-to-site VPN.

Kyryl Tumanov, Product Manger for CloudConnexa

In fact, as Tumanov adds, a site-to-site VPN has become all but essential for any growing company in our data-rich society. “Any business which needs to interconnect at least two locations (on-prem or Cloud) will need a site-to-site VPN,” he says. “Most businesses cannot rely on a single location to scale.”

And, as Draaisma adds, a site-to-site VPN makes things simple for your team. “Usually, the user just starts up his computer in the office network. From there, he is able to transparently access resources that are in another network — but the user doesn’t have to worry about it. It just works, and it works securely.” 

Using OpenVPN Access Server

Many OpenVPN customers are currently using Access Server to establish their site-to-site VPN. It’s worked for them for years, and provides a reliability and security that many products simply can’t match. “Access Server can be easily set to operate in routed mode and to mark the VPN client connecting the site as a gateway client,” says Kalbag of Access Server’s popularity. “It lends itself easily to hub-and-spoke configuration which works well for use cases like branch offices connecting to headquarters.”

Using Access Server means using your own servers, on your own premises.

And, perhaps most importantly, using Access Server means using your own servers, on your own premises. “With Access Server,” explains Draaisma, “you have the infrastructure completely in your own hands. With Cloud you rely on our infrastructure.” For some, this isn’t a priority — but for those who prefer it, it can make a big difference. 

Using CloudConnexa

Our next-gen VPN, CloudConnexa, is relatively new, but it comes with a powerful suite for customers looking to establish a site-to-site VPN connection for their business. Plus, as Kalbag explains, its speed is unmatched. "CloudConnexa simplifies site-to-site connectivity by allowing full-mesh routing with other sites as soon as a site is connected to one of our global points of presence. With CloudConnexa there is no single hub as in the traditional hub-and-spoke model where all traffic passes through. Instead, CloudConnexa is a full-mesh routing network where a connection to any of the CloudConnexa Regions allows direct connectivity to all your sites. CloudConnexa also allows for a high-speed VPN connection from the site to CloudConnexa by running the Connector with Data Channel Offload (DCO) beta feature turned ON, which greatly improves the performance of the VPN tunnel."

Plus, Kalbag goes on to explain, CloudConnexa comes with several advantages which businesses can benefit from. “The AWS Connector for CloudConnexa has been enhanced to automatically make routing changes as more sites are added. OpenVPN also has full-mesh connectivity, DCO, and access control of network-to-network communication. If full-control and self-hosting are not required, I would recommend CloudConnexa for all site-to-site use cases.”

The main benefit of CloudConnexa is simplicity.

Kyryl Tumanov, Product Manager for CloudConnexa

Tumanov agrees, adding that “the main benefit of CloudConnexa is simplicity. You don’t have to manage or scale servers. You automatically deploy a connector using our Wizard, and your site is connected to CloudConnexa. You can then configure granular access between sites. If you need high availability and/or increased performance using load balancing, you can configure it easily by adding another connector.”

For many people, the choice between the two tools is an easy one. But if you’re not sure which one would be best to set up your site-to-site VPN, Tumanov lays it out quite simply: “If you would like to have full control of your deployment and would like all the data to go through your on-prem infrastructure, then Access Server could be a better solution for you. But if you would like to have simple configuration, easy maintenance and scaling? You should choose CloudConnexa.”

Share this story: