I have a question regarding the data flow in a pritunl link environment. The this article from the pritunl documentation, there are three pritunl link clients; one in aws, one in google cloud and one in oracle cloud.
When a remote user (using the OpenVPN client) connects to the VPN server and needs to access something from in the oracle cloud, what is the flow of the traffic?
Does the user hop from the VPN server → link client (AWS) → link client (google) → link client (oracle) ?
Or does the user go from VPN server → link client (AWS) → link client (oracle)?
Unless the Transit Peer option has been changed each link location connects to all other link locations. Traffic will not transit through other locations by default.
The first diagram is correct. The VPN server will not function as a link and will transfer traffic to links. Assuming the link client is on a different instance the traffic will come into the VPN server then go to the VPC routing table and get routed to the local link client which will then route the traffic to the other location. It is not recommended to run the link client on the same instance as the VPN server.
To transit a peer first choose the location that will serve as the gateway. In that location click transit peer. Then any location that is linked to that location will have access to that peer going through that gateway. To enable transit in a location remove the peer from that location. After the peer is removed it will be shown again with a Transit (location) label, the location in the label will indicate the location that is used to access that peer. Clicking remove again will remove the transit also, this can be used to fully exclude a location. Adding the peer back will reset it back to the original peered state.
