NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
tap
1 Topic
R7000 VPN Service TAP or TUN
I am trying to use the VPN server built into my R7000 router, however it does not work as advertized. The R7000 users guide indicates that Android is not supported, however the help centre (help files on the router itself) indicates that my firmware level does support Android as a TUN device. (see below) Firmware version is V1.0.4.30_1.1.67 If I download the client config file for either "Windows" or "NonWindows" The dev is set to "tap". (see below) QUESTIONS: Does this firmware support or does it not support Android using TUN? If it does support Android then how do I get the router to create a proper client config file? If the router does not support Android then: Are there plans to do so in the future? Can Netgear fix the documentation stating this firmware does not support Android and cannot create a TUN device config file? Here is a copy of my client.conf file: client dev tap proto udp remote xx.yy.org 12974 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client.crt key client.key cipher AES-128-CBC comp-lzo verb 5 The help centre documentation is posted below: The VPN Service function allows you to access your home network in a secured way through the Internet when you are out of home. In addition, when you are out of the country, you can use the VPN Service to access the Internet sites or services for which there is a geographic limitation and they are not accessible outside the country. To use the VPN Service, you will need to locate your router through the Internet when you are out of home. There are two ways to do that and the suggested way is to use the Dynamic DNS service. The other way is to locate your router through its public Internet address and it is better to have static IP address settings for the router's Internet connection. Please make sure you have either the Dynamic DNS service enabled or static IP address settings for your Internet connection. The VPN Service only work with OpenVPN clients and will not work with any other VPN clients. OpenVPN configuration package download To install the VPN client, here you can find the proper configuration files base on your client operating system. For Windows and MAC, the configuration is using TAP mode for best compatibility for applications. For iPhone and Android, the configuration is using TUN mode due to OpenVPN APP limitation. Please be aware that, after changing the VPN advanced configuration, DDNS setup, or any Internet setting changes, you need to re-download the configuration file and replace to your client. OpenVPN client setup instruction To use the VPN Service, you need to install the VPN client software on each device where you want to create a VPN connection to the router. Please click on the client operating system for the instruction. Currently we support for Windows, MAC, iPhone, and Android. Advanced Configuration This section is only used for advanced setting. You don’t need to change anything here for the VPN to work properly. TUN Mode Service Type: You can use either TCP or UDP protocol to transmit the VPN packets for TUN Mode. TUN Mode Service Port: This is the VPN Server port number to which a VPN client connects for TUN mode. The default is 12973. TAP Mode Service Type: You can use either TCP or UDP protocol to transmit the VPN packets for TAP Mode. TAP Mode Service Port: This is the VPN Server port number to which a VPN client connects for TAP mode. The default is 12974. Clients will use this VPN connection to access: There are three options "Auto", "Home Network only" and "All sites on the Internet & Home Network". With the "Home Network only" option, a VPN client can access only the Home Network through the VPN Service. If you want to access the Internet sites or services with a geographic limitation when you are out of the country, you have to select the option "All sites on the Internet & Home Network". Please note that once you have selected this option, your VPN client will also access Internet sites and services that do not have a geographic limitation. For an Internet site or service that is normally accessible through the Internet (for example, public networks that do not have a geographic limitation), the access speed through the VPN Service is slower than the access speed without going through the VPN. The "Auto" option will do some intelligence checking and try to use the VPN Service only for necessary accesses (i.e. only for sites or services that are not accessible if not going through the VPN Service), but this is just a best effort function and a correct determination cannot be guaranteed.Solved38KViews0likes4Comments