I am trying to configure two new GL-A1300’s into a layer 2 bridge. It looks like it should be possible with OpenVPN, but I am unable to select bridge mode in the OpenVPN server configuration. The only choice is TUN. I am running firmware version 4.1.0. Any help would be appreciated.
This is the third time in a week someone has asked to do this - I’m kind of curious about why. The previous two ended up realizing that TUN was actually want they wanted to do. Is there a specific reason you need layer 2/TAP?
The use case is for a remote location to be able to connect to home location and watch TV. In my case I want to install a FIOS TV One Mini in my daughter’s college apartment and have it connect to the FIOS TV One at my house. In order to do that they have to be on the same subnet and the FIOS TV One Mini needs to get its IP via DHCP from my FIOS Gateway Router.
It does not have to be OpenVPN. I am open to any solution that would make this work.
Someone who actually does need TAP! It’s a miracle! 
You’re probably going to need to edit the config file yourself manually (or create one manually). You’ll also probably want to manually set things up to use CHACHA20-POLY1305 as a cipher on the A1300 instead of AES, as it’ll buy you about 15mbps using OpenVPN.
We could make a fortune if we could create an easy solution for this use case. Most universities no longer offer TV service in the dorms and why should we pay for service twice anyway. They expect everyone to buy 10 different streaming services to get the equivalent. Verizon etc only let you use their streaming TV service inside the house without restrictions. You can use it outside the house but reduced channels and or you have to cast from iphone etc to tv. Not a very elegant solution and quality suffers.
1 Like
Or, more likely, watch on a tablet, said to be legal, rather than this with a TV which…
You can try TAP if you do have some skills to configure openvpn in TAP mode.
It is just too complicated when it is related to routing and I don’t know if could solve your issue.
We do have a client who is doing Layer2 SD-WAN. But the price is very costly and cannot solve the price issue you mentioned.
I am a network engineer and could easily do this with a pair multi thousand dollar Cisco routers. At that point I might as well just pay for the service though. I was looking for a less expensive alternative. I would like to give TAP mode a try but the option is not available in the current firmware of the GL-A1300. Is that something that can you can provide an update for or do I have to manually configure it. If it is manual I do not think I want to spend the holidays messing with it.
1 Like
The easiest way to do that is probably going to be installing stock versions of OpenWRT for both of the routers, then configuring as you normally would with OpenVPN. The A1300 is supported in snapshot now.
(I would note that the standard versions don’t always compile openssl with speed optimizations, which you’re going to want on that router. So the best thing to do would be to actually build your own… I have a build env set up, so I don’t mind shooting you a build either, though lots of people have trust issues there, and rightfully so).
https://firmware-selector.openwrt.org/?version=SNAPSHOT&target=ipq40xx%2Fgeneric&id=glinet_gl-a1300
1 Like
What about just luci-app-openvpn? Never used it, so curious.
It’s… not great, imo.