Roadwarrior VPN - workaround no static routes option in router?

NethServer Version: 7.9.2009
Module: VPN 1.6.3

I am set up on a home network, partly as a backup location and partly for hobby use.

I have a Roadwarrior VPN running and can use it to access my server, but routing traffic through it to other clients on my network or routing internet access through it is not working.

I tried using bridged mode, but connections from Android do not work - the OpenVPN client tells me TAP mode is unsupported, which leaves me trying routed mode. However, all the guides I can find say to set up a static route, and my router does not appear to have any way to set one (I’m currently using an all-in-one cable modem/router gateway SBG7400AC2). Since it’s an all-in-one with a DOCSIS modem, I’m at my ISP’s mercy for firmware on it. I’m considering getting a new router, but I don’t want to do that just for this one problem.

I have successfully bridged virtual machines to my main network’s subnet from different VM software; is there any way to achieve this effect while still using TUN mode for Android compatibility? Alternatively, I’ve used NAT in VM software to connect guests to my network; is there a way to configure NethServer to provide NAT between my host network and VPN in a similar way so that I do not need to configure a static route?

@tuxrug

Hi Matthew

And a hearty welcome to the NethServer Forum!

If I understand your situation correctly, your NethServer is NOT your Router / Firewall and is running with a single NIC.
Your Router / Firewall is the SBG7400AC2 box.

If this is the case, and you can’t add in a route in the Firewallbox, then the easiest solution would be to add in a second NIC in your NethServer, and use NethServer as firewall for your LAN.

A simple illustration:

Internet Side:

Internet -> Provider-Box -> NethServer WAN -> NethServer

LAN Side:

NethServer -> LAN PCs / Notebooks / Hosts

With this setup, you would NOT need any route on the Provider-Box…
If possible, forward any needed (or all) ports directly to your NethServer; NethServer can protect itself from the Internet!

And you can use OpenVPN like most people do, with Routing!

Bridged mode is more if you need to use exotic protocols, like a mainframe, or Novell’s IPX/SPX…
Other reasons for using Bridged mode on a VPN are:

  • Only connect to a single host.
  • No control over Router / Firewall
  • Blind flight - no idea what you’re really doing, just blindly following some internet howtos!

Best always evade bridged mode! Bridged mode is slower, as any broadcasts will pass over the link - in both directions…

Hope this helps!

My 2 cents
Andy
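
The return path behind this thread, as an added example that is not part of either post: a small longest-prefix-match model of where a LAN host's reply to a routed-mode VPN client goes in each topology. The subnets, the client address and the node names are constructed assumptions; none come from the thread.

```python
import ipaddress

# Constructed addressing; none of these values come from the thread.
LAN = ipaddress.ip_network("192.168.0.0/24")
VPN = ipaddress.ip_network("10.8.0.0/24")
DEFAULT = ipaddress.ip_network("0.0.0.0/0")
VPN_CLIENT = "10.8.0.6"

def next_hop(routes, dst):
    """Longest-prefix match over (network, next_hop) pairs; None if no route."""
    addr = ipaddress.ip_address(dst)
    hits = [(net, hop) for net, hop in routes if addr in net]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def reply_path(tables, start, dst):
    """Follow a reply hop by hop until it leaves the modelled nodes."""
    path, node = [start], start
    while node in tables and len(path) < 8:
        node = next_hop(tables[node], dst) or "dropped"
        path.append(node)
    return path

def topology(lan_gateway, isp_static_route=False):
    """Routing tables for a LAN PC, the ISP gateway and the VPN server."""
    isp = [(LAN, "on-link"), (DEFAULT, "internet")]
    if isp_static_route:
        isp.append((VPN, "nethserver"))  # the static route the guides ask for
    return {
        "lan_pc": [(LAN, "on-link"), (DEFAULT, lan_gateway)],
        "isp_box": isp,
        "nethserver": [(LAN, "on-link"), (VPN, "vpn_client"), (DEFAULT, "isp_box")],
    }

def scenarios():
    """Reply path from a LAN PC to the VPN client in each topology."""
    return {
        "single NIC, no static route":
            reply_path(topology("isp_box"), "lan_pc", VPN_CLIENT),
        "single NIC, static route on ISP box":
            reply_path(topology("isp_box", True), "lan_pc", VPN_CLIENT),
        "NethServer as LAN gateway":
            reply_path(topology("nethserver"), "lan_pc", VPN_CLIENT),
    }

if __name__ == "__main__":
    for name, path in scenarios().items():
        print(f"{name}: {' -> '.join(path)}")
```

In the first scenario the reply follows the LAN host's default route to the ISP gateway and leaves toward the internet, so it never reaches the VPN server; in the other two it reaches the server, which owns the tunnel.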