AD over VPN with virtual machines

I am trying to set up an Active Directory environment (using VMs); however, I will be using different computers on different sites for this environment (so I need a VPN).

Will running OpenVPN on the DC and on the remote VMs be enough to allow the machines to join the domain?

I’d set up a site-to-site VPN, using the firewalls to connect the two networks, and avoid running OpenVPN on a domain controller.

I would never recommend installing a VPN on a DC; keep DCs as clean as possible. Use a separate server instead and route traffic through those servers to reach each other; that way you don’t need the client on each VM. That, or use a dedicated device like a hardware firewall.

We did this previously using site-to-site VPN over hardware / edge routers and leaving DNS to your DCs or other local apps. Setting up multiple sites in AD so that each site had its own resources but under the same domain worked pretty well for smaller footprint stuff, but by no means was it FAST.

Can’t run VPN on a domain controller, mate.

Well, you can; it just causes intermittent issues with DNS.

Site to site tunnels are the solution.

Create a mesh or hub/spoke VPN with WireGuard on your edge devices. You can use iBGP or OSPF for routing.
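As an added example (not from any poster in this thread), here is what the hub/spoke WireGuard site-to-site setup from the last reply looks like when the tunnel terminates on the edge routers and the DC runs no VPN software at all. It assumes Linux edge routers using iptables, site A LAN 10.10.0.0/24 with the DC at 10.10.0.10, site B LAN 10.20.0.0/24, tunnel addresses from 10.255.0.0/30, and placeholder keys and endpoint; all of these values are constructed for the example.

```ini
# ---- Site A edge router (hub): /etc/wireguard/wg0.conf ----
# The DC (10.10.0.10) sits behind this router and is untouched.
[Interface]
Address    = 10.255.0.1/30
ListenPort = 51820
PrivateKey = <SITE_A_PRIVATE_KEY>      ; placeholder: generate with "wg genkey"
# Router must have net.ipv4.ip_forward=1; only forward between LAN and tunnel,
# so the tunnel never becomes a path onto the router itself.
PostUp   = iptables -A FORWARD -i wg0 -o eth1 -j ACCEPT; iptables -A FORWARD -i eth1 -o wg0 -j ACCEPT
PostDown = iptables -D FORWARD -i wg0 -o eth1 -j ACCEPT; iptables -D FORWARD -i eth1 -o wg0 -j ACCEPT

[Peer]
# Site B spoke. AllowedIPs doubles as the route table and as an ingress
# filter: traffic arriving from this peer with any other source is dropped.
PublicKey  = <SITE_B_PUBLIC_KEY>       ; placeholder
AllowedIPs = 10.255.0.2/32, 10.20.0.0/24
# Further spokes get their own [Peer] block with their own LAN prefix;
# spoke-to-spoke traffic then transits the hub (hub/spoke, not mesh).

# ---- Site B edge router (spoke): /etc/wireguard/wg0.conf ----
[Interface]
Address    = 10.255.0.2/30
PrivateKey = <SITE_B_PRIVATE_KEY>      ; placeholder
PostUp   = iptables -A FORWARD -i wg0 -o eth1 -j ACCEPT; iptables -A FORWARD -i eth1 -o wg0 -j ACCEPT
PostDown = iptables -D FORWARD -i wg0 -o eth1 -j ACCEPT; iptables -D FORWARD -i eth1 -o wg0 -j ACCEPT

[Peer]
PublicKey  = <SITE_A_PUBLIC_KEY>       ; placeholder
Endpoint   = vpn-a.example.invalid:51820   ; placeholder public address of site A
# Route site A's LAN (where the DC and its DNS live) into the tunnel.
AllowedIPs = 10.255.0.1/32, 10.10.0.0/24
# Spoke is usually behind NAT; keep the mapping alive so the hub can reach it.
PersistentKeepalive = 25
```

The VMs at site B keep the DC (10.10.0.10) as their DNS server and the edge router as their default gateway, so the SRV lookups and LDAP/Kerberos/SMB traffic of a domain join simply follow the LAN route across the tunnel; in AD Sites and Services, register 10.20.0.0/24 as a separate site so clients prefer local resources once a second DC exists there. With static AllowedIPs, as above, no iBGP or OSPF is needed; the dynamic routing the reply mentions becomes worthwhile once there are several spokes or redundant tunnels.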