Seeking Guidance on Advanced Configuration for Pritunl VPN

Hello everyone!! :smile:
I am currently working on setting up a Pritunl VPN for my organization and could use some assistance with the more advanced configuration aspects. And I have been wanting some clarification regarding these specific areas:

  • I am looking to establish a site-to-site VPN connection between multiple offices, but I don't know which is the best approach to configure this setup using Pritunl. Are there any considerations regarding IP addressing, routing, or firewall rules that I should be aware of?

  • I am interested in implementing a high availability setup for Pritunl to ensure uninterrupted service in case of server failures. Could anyone provide recommendations or best practices for configuring Pritunl in a high availability environment?

  • I am exploring the possibility of creating custom VPN client applications for different platforms (Windows, macOS, Linux). What tools or resources does Pritunl offer to facilitate this process? Are there any examples or templates available to help get started?

  • We use an identity provider (e.g., LDAP, Active Directory) for user management. How can I integrate Pritunl with our existing identity provider to streamline user authentication and management?

  • What options does Pritunl provide for logging VPN activity and monitoring performance? Are there recommended tools or configurations for centralized logging and real-time monitoring?

It would be very helpful if you could provide me with any insights, recommendations, or pointers to relevant documentation. Thank you so much in advance!! :pray: :pray:

Pritunl Link provides site-to-site connectivity with IPsec. It will automatically configure routing tables and optionally a firewall.

High availability configurations should use a MongoDB replica set with at least 3 nodes for quorum. Any number of Pritunl servers can be connected to the replica set.

The pritunl/pritunl-client-electron has the source code for the client, but there is no documentation for building the packages.

Single sign-on is in the documentation.

There is auditing but not for network activity.