Using DPI/QoS with OpenVPN

NethServer Version: 7.3
Module: Network

Hi, I just began using nethserver after migrating from pfSense. Thanks for such a great product!

I currently route internet connections through a VPN while having DPI/QoS rules setup. From what I can see, DPI/QoS doesn’t support VPN as a destination. Is there any way I can add the vpn interface (tap0) to the red zone so that I can perform DPI/QoS?


I’m trying to understand your setup and if DPI/QoS could work at all.
Could you share your full system configuration? Could I try to replicate it here?
To bypass web UI checks, we could set the rule in the configuration database using the shell, but I can’t guess how to write the rule. Understanding your setup may help me. Thank you.

Hi, thanks for the quick response!

Currently, I have a OpenVPN Client setup on NethServer with a default route that goes to the OpenVPN Server. The TAP (fully bridged with VPN network) interface is used. Currently, the route looks like this:

 default via dev tap0 tap0  proto kernel  scope link  src

As a result, traffic exits nethserver in the tap0 interface and proceeds to the default gateway instead of the default (enp3s0) interface that leads to my DSL modem. However, there is no way to configure the zone of the tap0 interface in the GUI.

If you want, I can setup a demo system later on for you to test :slight_smile: