I need a recommendation from the community on how to accomplish a goal for a new contract I have.
My situation is this. I currently manage a LAN for my office (Site A) and will be managing a new LAN for another school next year (Site B). Site A and Site B are both attached to a private WAN and are separated by a few hops. Every site attached to this WAN has it's internal LAN IP addressing masked from the reset of the network by global NAT so that all traffic from a site appears to come from a /28 subnet.
My plan is to place equipment at both Site A and Site B that will tunnel traffic between them to allow for unification of management. My question to you is what is the best way to accomplish this. My initial plan has been to place OpenVPN boxes at each site and tunnel the traffic that way. However, in my brainstorming I have been considering other options as well such as GRE or L2TP tunneling. Since the WAN is private, utilizing what would be dark fiber if we weren't lighting it, I don't feel an intense need to encrypt traffic. What inexpensive options do I have here? I have access to some unused SFF PCs that I can use and I would like to be able to find something in the open source arena.
P.S. I don't have the option to add the ip blocks to WAN routing tables due to a third party that is contracted to manage the WAN.