I want to create a VPN concentrator to help my devices connect to one another. So client 1 and 2 connect to a VPN server (that could be on a VPS). Client 1 (phone) can then access services offered by client 2 (server).
For traffic to route from client to client, OpenVPN offers the option “client-to-client” in the server config file. However, it does not explain the meaning of this option. It seems to me that this means the VPN server decrypts the traffic of client 1 and re-encrypts it for client 2.
Is that true?
How can I improve this setup?
Can I have a peer to peer tunnel between clients, so that the VPN server would not be able to MITM the traffic?