OpenVPN Bridge

[s4rs]

Is it possible and if so is there a guide to setup and openvpn bridge instead of a tunnel? This would be a client to server not site to site.

[bartjsmit]

Yes, configure the VPN with a tap (layer 2) instead of a tun (layer 3) device on both ends.

Bart...

[s4rs]

So I can follow the OpenVPN road warrior guide and just select tap instead of tun? what about the IP address side of things? Or does the fill in form change when you select tap?

[bartjsmit]

I haven't used it myself but the tap device let's the client use the internal dhcp. What is your requirement for bridging?

Bart...

[s4rs]

Pretty self indulgent. I have Verizon FIOS and they allow in-home devices to act as a fully functional cable box/tv. When you are out of the house you have a limited channel set. I tend to travel and would like to have access to my local stations. I could have cheaped out and when with a slingbox but I figured I would take the time and learn about routers, VPNs etc so I went this route.

I could try the tunnel route but since the request would be coming from a different subnet I doubt Verizon would allow access. So I think a bridge is the right way to go. I was hoping someone did it before. I looked at pfsense and there was talk about having to add a plugin and wasn't sure if I had to do the same with Opnsense

[bartjsmit]

You could try a NAT for your routed tunnel so the traffic will appear to come from the LAN interface of the firewall.

Bart...

[s4rs]

How would I configure inbound NAT?

[bartjsmit]

Good question! I had it set up on a Linux OpenVPN server but I can't see the option in OPNsense. Sorry

Bart...

[s4rs]

Thanks anyone else know?