Remote connection via VPN - [Resolved] but ongoing discussion

I see mention of L2 support in SoftEther overview.

Also, I’ll throw out that setting up the rules for AH, GRE, ESP, ports 500, 4500, and 1701 UDP can be very tricky to configure to allow through at the consumer gateway level, too, whereas OpenVPN typically wants 1194/UDP.

It’s do-able, but dealing with the customer gateway is a big pain.

What I did for my Linux router was make it a DMZ host to pass through all traffic, and do my security at the iptables level.

At the gateway level, firewall is disabled, the DMZ is my Linux router, and there are no custom port forwarding rules configured at the basic configuration screen (caveat for advanced screen is below):

Under advanced, you want these port forwarding rules enabled:

I guess I never thought about it, but the ‘L2’ in ‘L2TP’ prolly means layer 2. :)

I’m using the OpenVPN iPhone client to VPN in to my Netgear R8000. The connection from my phone ends up in a different subnet than the OS X host running Roon Core on my local network. I have the same issue as everyone else where Roon can’t seem to find the Core. Interestingly, when I’m home, if I connect the VPN, then enable WiFi on my phone, the VPN connection pauses, Roon connects to Core, then if I disable WiFi, the VPN connection resumes and Roon continues working just fine over the VPN connection. I’m able to browse, stream to phone etc. So, Roon can’t “find” the Core over VPN, but if it’s already connected, it happily continues to function over a VPN TUN link.

I agree this should work over OpenVPN. The L2TP/SoftEther solution I found is a bear to implement and isn’t an option for people with hardware devices such as yours.

Update: after enabling IGMP Proxying on my router, Roon discovers the Core and works perfectly.

Minus the ability to play back on the Roon remote.

1 Like

I’m definitely able to play back on the Roon remote (my iPhone) over a VPN connection.

That’s new and the first time I’ve heard of it working with OpenVPN TUN.

On my system where I use iOS VPN to connect to my home network, I find that when I am on cellular service, Roon connects and plays fine. However, if my iOS device is connected via WiFi, even though VPN is connected (and things like RDP work), I can’t see Roon. I think this has to do with being on different subnets. Any way to solve this problem?

I just switched back to TUN with IGMP proxy enabled and I can’t find the cores from the remote never mind the core find the RAAT endpoint. Asus router.

1 Like

I see your wifi is connected. Were you away from home on a different wifi network?

Nevermind. I see you disconnected after.

Do you need to start Roon when on WiFi first to get it to work after on VPN? Or can you now kill Roon, go VPN, restart Roon and have it work?

No need to start Roon on the WiFi first. In the video, I actually killed Roon just before enabling the vpn (perhaps not obvious but I double clicked the home button and swiped up on Roon to kill it).

1 Like

I can confirm that after I enabled IGMP proxy on my router, using an OpenVPN connection, I can stream to my iPhone.

1 Like

Well that’s good news, I assume my managed switch and numerous link aggregates are getting in the way.

I’m using an Asus router as well and have had no luck getting a connection with IGMP proxy turned on. It may be that it applies IGMP routing to IPTV connections only.

I played with igmpproxy for a solid 4 hours last night on my Linux router and couldn’t make it work with OpenVPN.

Has anyone tried ZeroTier?

https://www.zerotier.com/

Seems like a pretty cool VPN-type software but P2P, a bit like Hamachi if anyone remembers that. Has clients for most devices including NASes (QNAP without GUI though) and iOS. In theory I would think it should be workable for Roon, but I tried it briefly and couldn’t get it to work for Roon, although it was very easy to set up.
I’m sure the issue is something to do with subnets, multicast, ethernet bridging, default routes etc. And I would think someone more comfortable with networking terminology could likely get it to work, in which case it would be a nice solution…

1 Like

I screwed around with ZeroTier for a solid 3.5 hours today. My Linux router said everything was connected, my iPhone said it was connected, and the ZeroTier web dashboard said we were connected. Linux showed a bridge device (zt0) and a bridge- and client-side IP address, which were pingable both ways from iOS to Linux and vice-versa.

At no point could I get bridging or any kind of routing working such that the iPhone could talk to anything other than the tunnel Linux-side IP address.

While I’m not a network specialist, I have done systems for 20+ years, so I’m not clueless. I’d like to have all the time I’ve wasted back, and for @RoonFAQ to mark this thread as unresolved and give this issue a little love. Lots of people want to stream their music from their home library to their phones when they’re on the go.

3 Likes