SmallNetBuilder Forums
Go Back   SmallNetBuilder Forums > Wireless Networking > ASUS Wireless > Asuswrt-Merlin

Reply
 
Thread Tools Search this Thread Display Modes
  #1  
Old 12-29-2012, 10:11 PM
IHazAQuestion IHazAQuestion is offline
New Member
 
Join Date: Oct 2012
Posts: 12
Thanks: 4
Thanked 0 Times in 0 Posts
IHazAQuestion is just starting out
Default VPN Server: TUN vs TAP

Hi all,

I'm trying to understand the practical differences of connecting to my home VPN server via Merlin's Firmware. I've read up on some of the differences between TUN and TAP, but most of them are super technical and I'm moreso looking for a straight forward answer on practical usage in layman's terms.

1) I have successfully connected to my home VPN server using TUN. However I was not able (or rather didn't know how) to access any of my home resources (Desktops, RT-N66U admin page, etc).

2) I understand that if I connect VIA TAP, my remote computer will appear as local and I will be able to see all my devices under "Network Neighborhood" and is very simple. My understanding is that the drawback is that connecting via TAP consumes significant network resources and is "noisy" (for lack of better term).

I don't necessarily need to be able to access my resources via Network Neighborhood, but I would at least like to RDP into my home desktop from where ever I am, or at the least access shared directories. I don't need much more (right now at least). Can either of these be done via TUN or is TAP the only option?

Thanks in advance!
Reply With Quote
  #2  
Old 12-29-2012, 11:40 PM
RMerlin's Avatar
RMerlin RMerlin is offline
Very Senior Member
 
Join Date: Apr 2012
Location: Canada
Posts: 9,984
Thanks: 54
Thanked 5,499 Times in 2,262 Posts
RMerlin is just starting out
Default

TUN is fine for your needs. TAP is only needed for very particular scenarios.

Make sure you run the OpenVPN client as Administrator, otherwise it will be unable to apply the routes being pushed to it by the OpenVPN server. That's most likely the reason why you can't route to your LAN devices. Either that, or your home LAN uses the same IP range as the network from where you are connecting, which will make it impossible for your client to tell if you are trying to access a local or a remote device when you enter an IP.
__________________
Asuswrt-Merlin: Customized firmware for Asus routers
Github: github.com/RMerl - Twitter: RMerlinDev
See the sticky post for more info.
Reply With Quote
  #3  
Old 12-30-2012, 04:56 PM
mrgenie mrgenie is offline
New Member
 
Join Date: Nov 2012
Posts: 24
Thanks: 3
Thanked 0 Times in 0 Posts
mrgenie is just starting out
Default

Quote:
Originally Posted by IHazAQuestion View Post

1) I have successfully connected to my home VPN server using TUN. However I was not able (or rather didn't know how) to access any of my home resources (Desktops, RT-N66U admin page, etc).
For people with low needs TUN will suit every single home network need. If configured properly. There are many reasons that can "block" traffic, but the main points are written by Merlin.

Quote:
Originally Posted by IHazAQuestion View Post
2) I understand that if I connect VIA TAP, my remote computer will appear as local and I will be able to see all my devices under "Network Neighborhood" and is very simple. My understanding is that the drawback is that connecting via TAP consumes significant network resources and is "noisy" (for lack of better term).
The benefit of TAP is that every single network service will run (normal home users don't need this I think) over TAP you can also have a class B network running (65k computers/clients) the problem is indeed that if a class B network is setup by people who have no idea what they're doing, you'll most likely need a 1Gbit connection to handle the useless traffic over your network if you have so many clients.
For security reasons it shouldn't matter whether you take TUN/TAP
if configured properly however, a TAP network actually has less "noise" then a TUN network, although technically the term "noise" isn't correct.

Since you have these questions, I take an honest guess you have not much experience with networking, and I strongly advise you to listen to Merlin and stay with the TUN solution.

Quote:
Originally Posted by IHazAQuestion View Post
I don't necessarily need to be able to access my resources via Network Neighborhood, but I would at least like to RDP into my home desktop from where ever I am, or at the least access shared directories. I don't need much more (right now at least). Can either of these be done via TUN or is TAP the only option?
Thanks in advance!
But TUN and TAP will serve you perfectly, if configured correctly.
When I started with openVPN a lot of questions I had myself, and actually this forum or Merlin is the wrong source. For specific questions, simply go to the openVPN forums. There are gurus there that can help you out if something doesn't work.

I haven't have much experience with Tunnel networking myself. I run a network crossing the continent with a few thousand clients, so TUN is no option for me. But setting up a properly configured TAP will take some time, especially for a first time person who wants to learn how to do it. Unless you really need it, TUN will suit every windows/linux/osx home network service, including RDP (VPN can be faster in some cases, not always!) file sharing, etc..

If you have more questions, people here, myself included might try to answer them, but I really advise you to ask in the openVPN forums. There you find the openVPN gurus! And they know some tricks you won't even be able to find by using google
Reply With Quote
  #4  
Old 12-30-2012, 06:09 PM
octopus's Avatar
octopus octopus is offline
Senior Member
 
Join Date: Jul 2012
Posts: 171
Thanks: 9
Thanked 10 Times in 9 Posts
octopus is just starting out
Default

What is the difference between a TUN device and a TAP device?

A TAP device is a virtual ethernet adapter, while a TUN device is a virtual point-to-point IP link.
Level 2 and level 3 networks.
Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


All times are GMT -4. The time now is 08:37 AM.


Top 10 Stats
Top Posters* Top Thanked
RMerlin  514
azazel1024  169
stevech  143
KGB7  139
sinshiva  112
sm00thpapa  89
microchip  85
hggomes  85
philmiami  83
Kel-L  78
RMerlin  5498
stevech  322
ryzhov_al  262
TeHashX  214
L&LD  188
RogerSC  187
sinshiva  139
joegreat  123
jlake  122
sfx2000  118
Most Viewed Threads* Hottest Threads*
Old Asuswrt-Merli...  72545
Old Asuswrt-Merli...  58150
Old Asuswrt-Merli...  12808
Old Asus locking...  8491
Old ASUS...  6230
Old Incoming...  5819
Old ASUS...  5805
Old Asus...  4831
Old [Fork]...  4444
Old NETGEAR...  4438
Old Asuswrt-Merli...  389
Old Asuswrt-Merli...  389
Old Asus locking...  125
Old Asuswrt-Merli...  90
Old [Fork]...  51
Old Asus...  50
Old ASUS...  48
Old How many of...  47
Old NETGEAR...  46
Old ASUS...  45


Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
© 2006-2014 Pudai LLC All Rights Reserved.