Hacker News
by _8j50 1399 days ago
> It's a Virtual Private Network connection: you create a Virtual (not physical) Private Network (between your device and another device/server). There's no real difference between a site-to-site VPN and a client-access VPN other than if the devices at each end route more than just the partner traffic over the private network.

The difference is one end is not a network but an endpoint part of a network. Multiple client access VPNs can be part of the same subnet.

> If I connect a "site-to-site VPN" between my computer and your computer, if I add a route to send all traffic for a particular network to your computer as the next hop, that makes it "client-access" for that particular network, if I add a default route it then sends any internet request I make to your device as the next hop.

In site-to-site VPN, your computer would need to route a separate site network as would the remote end. With client access, only the remote end routes a separate network. Windows for example cannot be used (unless server versions) to provide site-to-site connectivity because it does not route between NICs. Your tunnel IP is used for connectivity with client access, but with site-to-site the remote end expects you to advertise a route or have a separate config for a static route back to some other network on your end, which is what it will route (won't work otherwise). Hope that is more clear. You can turn your nix box into a s2s VPN terminator, but in every VPN type this requires different config, which is why the different terms exist.
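The routing difference discussed in this thread, as an added example that is not part of the original comment: a toy hop-by-hop model that checks whether a round trip works for a client-access tunnel versus a site-to-site tunnel. The `Node` class, the `one_way` and `scenario` helpers, and all addresses are constructed for illustration.

```python
import ipaddress as ip

class Node:
    """A tunnel endpoint: its own addresses, a route table, a forwarding flag."""
    def __init__(self, name, addrs, forwards=False):
        self.name, self.forwards = name, forwards
        self.addrs = {ip.ip_address(a) for a in addrs}
        self.routes = []  # (network, next-hop Node, or None if directly attached)

    def add_route(self, net, via=None):
        self.routes.append((ip.ip_network(net), via))

    def lookup(self, dst):
        """Longest-prefix match. Returns (found, next_hop)."""
        hits = [(n, v) for n, v in self.routes if dst in n]
        if not hits:
            return False, None
        return True, max(hits, key=lambda h: h[0].prefixlen)[1]

def one_way(start, src, dst):
    """Walk from `start`; True if dst is a node address or on an attached network."""
    node, seen = start, set()
    while node.name not in seen:
        seen.add(node.name)
        if dst in node.addrs:
            return True
        # A node handling a packet it did not originate must forward between NICs.
        if src not in node.addrs and not node.forwards:
            return False
        found, via = node.lookup(dst)
        if not found:
            return False
        if via is None:
            return True
        node = via
    return False

def scenario(site_to_site, return_route, local_forwards):
    """Constructed topology: tunnel 10.8.0.0/24, remote LAN .1.0/24, local LAN .50.0/24."""
    remote = Node("remote", ["10.8.0.1"], forwards=True)
    local = Node("local", ["10.8.0.2"], forwards=local_forwards)
    remote.add_route("192.168.1.0/24")           # remote LAN, attached
    remote.add_route("10.8.0.2/32", via=local)   # peer's tunnel IP
    local.add_route("192.168.1.0/24", via=remote)
    local.add_route("192.168.50.0/24")           # local LAN, attached
    if return_route:                             # static or advertised route back
        remote.add_route("192.168.50.0/24", via=local)
    src = ip.ip_address("192.168.50.10" if site_to_site else "10.8.0.2")
    dst = ip.ip_address("192.168.1.10")
    return one_way(local, src, dst) and one_way(remote, dst, src)
```

In this model the client-access case succeeds with only the tunnel IP, while the site-to-site case needs both forwarding on the local end and a route back to the local LAN on the remote end.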