Bridge Viscosity TAP adapter with 2nd ethernet

live4ever · 23 August 2023 19:00

How do you setup a bridge so a device (where I can’t install OVPN software) connected to Windows 10 2nd ethernet adapter gets DHCP, IP etc. over OpenVPN (TAP) tunnel?

Currently have a TAP Viscosity connection working on ethernet port #1 (gets IP from DHCP of router on remote network and sends all traffic) - remote printers are visible, other PCs etc show up in Windows Explorer>Network.

Thanks

Aaron · 24 August 2023 06:36

Hi,

I’m afraid bridging the VPN network adapter with another network adapter isn’t something that is officially supported by Viscosity.

It’s possible it may work, but you may run into issues if the VPN server/connection isn’t configured to handle the traffic from additional machines. Viscosity itself also isn’t designed to handle things like multiple DHCP assignments through the VPN connection, which could potentially cause issues with routing or DNS assignment. You could potentially try using Windows in-built network bridging support and see what happens.

Generally if you need to share a VPN connection, a better way of doing it is to use NAT (e.g. via Windows’s Internet Connection Sharing feature).

Regards,
Aaron

live4ever · 6 September 2023 13:34

Ok I’ve played around with a 2nd USB ethernet adapter as part of the bridge (with Visc TAP adapter) - and everything almost works.

On the device attached to the bridged USB ethernet it gets an IP via the far site router and it can access the LAN no problem however the gateway does not come across the bridge.

live4ever · 8 September 2023 18:19

After doing some Wireshark captures and seeing the gateway getting stripped when a client on the Windows network bridge requests a DHCP lease on the remote site I finally found some threads through search.

OpenVpn 2.3.2 removing DHCP default gateway in tap mode
https://forums.openvpn.net/viewtopic.php?t=13494

Gateway gets stripped from DHCP Reply through OpenVPN tunnel
https://serverfault.com/questions/615597/gateway-gets-stripped-from-dhcp-reply-through-openvpn-tunnel

So adding to server.ovpn config:

server-bridge nogw

Allows the remote site gateway to come through with the DHCP request.

Bridging Viscosity TAP adapter with 2nd ethernet is a success and works great for devices that can’t run any form of VPN that require L2 (mDNS etc).

Aaron · 13 September 2023 05:08

Thanks for posting your solution - I’m sure it’ll be of interest to others who wish to attempt something similar.

Regards,
Aaron