Tweet
Hello. First of all, I'm not very very knowledgeable about network....stuff, so please bear with me 
I've been running an OpenVPN Community server for a while under a TAP interface and it has worked flawlessly so far (currently using version 2.4). I'm planning to update to the latest 2.6 one soon, and also to change the interface to TUN, not only because of the alleged traffic improvements over TAP, but also because I'm also gonna run an internal website over VPN, and due to the mobile users of it (using OpenVPN Connect), it needs TUN in order to work.
Thing is...I run a very simple (at least I think it is) and point-to-point VPN. I've a VPN server which also runs a MySQL (for database queries) and Apache ones (linked to MySQL so mobile users can access the database data via a web interface that we created), plus a couple of administrative enterprise software (which is what worries me the most....details below). AFAIK it's strictly point-to-point (each client connects only to the server and nothing else, the server offers no other services except MySQL, Apache, and the administrative enterprise software, and there's no client-to-client anything), so theoretically TUN should be a no-brainer choice.
Thing is that one of the administrative enterprise software works a bit in an odd way....it's only installed on the server, but somehow you can execute it on any client with just a Windows network shortcut, and it somehow temporarely "downloads" all the necessary files to function on the fly to the client. Also, any changes to the data done in any client executing it gets stored in the server flawlessly as well. So far it has worked well under a TAP interface...should I expect the same over a TUN one? (unfortunately I haven't had the chance to test it yet, and I won't be able to for 2-3 weeks or so).
Thank you for your replies
I've been running an OpenVPN Community server for a while under a TAP interface and it has worked flawlessly so far (currently using version 2.4). I'm planning to update to the latest 2.6 one soon, and also to change the interface to TUN, not only because of the alleged traffic improvements over TAP, but also because I'm also gonna run an internal website over VPN, and due to the mobile users of it (using OpenVPN Connect), it needs TUN in order to work.
Thing is...I run a very simple (at least I think it is) and point-to-point VPN. I've a VPN server which also runs a MySQL (for database queries) and Apache ones (linked to MySQL so mobile users can access the database data via a web interface that we created), plus a couple of administrative enterprise software (which is what worries me the most....details below). AFAIK it's strictly point-to-point (each client connects only to the server and nothing else, the server offers no other services except MySQL, Apache, and the administrative enterprise software, and there's no client-to-client anything), so theoretically TUN should be a no-brainer choice.
Thing is that one of the administrative enterprise software works a bit in an odd way....it's only installed on the server, but somehow you can execute it on any client with just a Windows network shortcut, and it somehow temporarely "downloads" all the necessary files to function on the fly to the client. Also, any changes to the data done in any client executing it gets stored in the server flawlessly as well. So far it has worked well under a TAP interface...should I expect the same over a TUN one? (unfortunately I haven't had the chance to test it yet, and I won't be able to for 2-3 weeks or so).
Thank you for your replies