Use of OpenWrt for remote tunnelling

I've got an AR300M, which did good service as a WiFi router. I was wondering if I could use a pair of them to set up a tunnel to a remote office such that a remote PC (or remote smart phones) would effectively be on the central office LAN.

I used to know the right words for this kind of setup, but my memory is failing me!

Do I need to setup OpenVPN sever on a device at the head office and then OpenVPN client on another device at the remote location?

Or can I get away with just installing an OpenVPN server and getting the individual remote devices to connect via software VPN client?

Yes it's called a site to site VPN. Or as you said you can run a VPN client directly on the endpoint device.

The site with the server needs a publicly reachable IP address. The main router at the site needs to be configured to forward the VPN incoming port to your VPN server.

The server site main router also needs a static route to send return packets from the LAN back to the VPN properly. Though if it's going to be strictly one device at the client, you could use a layer 2 VPN (TAP interface) so your client directly joins the LAN rather than being routed.

Since those don't have a powerful CPU, Wireguard should be considered instead of OpenVPN.

3 Likes

Thanks very much!