Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
Trouble connection to certain droplets when connected to VPN server droplet Question Question
WireGuard unstable speed Question Question

Question

Securing private cluster communication: which VPN?

Posted August 26, 2015 6.3k views
NetworkingVPN

I have a small collection of CentOS 7 droplets configured with one droplet exposed on the public Internet and the remaining three accessible only via their private IPv4 addresses.

I plan to lock down all four private interfaces using iptables but first would like to better understand best practices for encrypting the intra-cluster traffic on the DO data center private network.

I found this article on BestVPN to be a fantastic survey of options: https://www.bestvpn.com/blog/4147/pptp-vs-l2tp-vs-openvpn-vs-sstp-vs-ikev2/

Based on this article it seems the reasonable choices are L2TP/IPsec or OpenVPN with the trade-off being ease of configuration vs. Snowden reputation if I’m understanding correctly.

What do you DevOps pros recommend?

Thanks, Chris

Add a comment
AlpineLakes
By:
AlpineLakes

Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
Trouble connection to certain droplets when connected to VPN server droplet Question Question
WireGuard unstable speed Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
3 answers
JamesMC June 29, 2016

Hello,

I personally prefer to just use OpenVPN. It is rather easy to setup and something I’m just used to using. You can find a nice guide on doing something akin to what you sound like you want here

It allows you to create a private network across your droplets.

How To Secure Traffic Between VPS Using OpenVPN
by Mason Gravitt
OpenVPN is a great tool to ensure traffic is not eavesdropped. You can use this to ensure a secure connection from your laptop to your DigitalOcean VPS (droplet) as well as between cloud servers. This article is to help get you started on your way to setting up a Virtual Private Network.
Reply Report
ginadajani August 11, 2016

As James have explained, in my opinion, and as far as my experience goes, OpenVPN is the best VPN protocol I have used up till now. You can use IKEV2 if you are using mobile, or PPTP if you are doing streaming. L2TP/IPSec is kind of a neutral protocol as I would call it. So, OpenVPN all the way, but you can also use SSTP if you are a Windows user.

Reply Report
ashtonkai November 22, 2017

I have been using IKEv2 VPN Protocol on my Mac OS which is quite working fast.

Reply Report

Related

Looking for something else?

Ask a new question Search for more help