VPN: step-by-step


I know Roon via VPN is not “officially” supported, but I also know that numerous members of this forum have gotten it to work. All of the threads on the topic seem to address specific issues in the setup process, though (rather than a basic “how to”). Would it be possible for any of the tech savvy forums members to post a basic, step by step explanation of how they’ve gotten this to work? My setup has the Roon core on a Win 10 machine and I’m looking to use VPN to connect to an iOs endpoint. (I imagine this is a common setup and would be helpful to many). Thank you!

Ps I currently use my QNAP NAS as a VPN server, and connect via the OpenVPN iphone app … I can’t get the iOs Roon to find my local win 10 Core

iOS 12.2 no VPN anymore
(Adam Goodfellow) #2

I don’t think you will get an iPhone to find a core as I don’t not believe that iOS supports the required VPN mode.

Someone who knows the details might correct/explain.

(Daniel) #3

Hey, Sadly iOS does not support TAP mode, and will not work with Roon Core over VPN.

From openvpn:

Why doesn’t the app support tap-style tunnels?

A: The iOS VPN API supports only tun-style tunnels at the moment. This is a limitation of the iOS platform. If you try to connect a profile that uses a tap-based tunnel, you will get an error that only layer 3 tunnels are currently supported.

(Wim) #4

I manage to log into Roon over VPN and play music using Roon on my Windows 10 laptop and on my Android phone and tablet when I’m on the go.
I have a WatchGuard XTM 25 Series Firewall Appliance that is maintained by my IT service provider.
I use the WatchGuard Mobile VPN with SSL app on Windows 10 and I have configured a L2TP/IPSec VPN with a pre-shared key on my Android phone and tablet.
But it is usually easier to just use the Tidal Apps.

1 Like

got it. thanks!

(Jeffrey Pierce) #6

I’m about 80% of the way done getting VPN/Streaming to work all the time on my Synology NAS + Roon Server. Presently, I’m not all that interested in mobile (I’m an iPhoner) but I want to be able to have the same library at my office (where I keep my nice DAC, amp, and headphones) as I do at home (where I also keep a nice DAC, amp, and headphones)

Once I get it working to my satisfaction, I wouldn’t mind posing a walkthru of how I did it.

Check back in a few weeks!

1 Like
(Ged) #7

Sorry if I am telling you things you already know. You can use roon at two locations as long as only one is live at any time.

(Jeffrey Pierce) #8

Yes - thanks. I’ve seen that one can swap licences between two cores. I thought since I’d set up Roon to access to the files on my NAS already - that it would be easier / best for me to just maintain one, centralized library. So that, matched with the fact I like to fiddle and fuss around with this kind of stuff. :wink: We’ll see what happens…

1 Like
(Ged) #9

Just didn’t want you wasting time… but fiddling with tech that’s different :grinning:



Interested in how you got this running. I am using a Synology router and have tried OpenVPN server on the router itself and on a separate server. Using TunnelBlick as my OpenVPN client. Have no problem with the VPN itself but can’t get Roon to work. Did you use TAP instead of TUN so your office endpoints are on the same subnet as Roon at home???


Thanks. That’s actually a really basic/standard configuration. I have the same Synology OpenVPN setup and also using Tunnelblick and while the VPN is fine, Roon doesn’t work. Attached are my same settings and Tunnelblick… can you attach a screenshot of your Tunnelblick config? what versions of OVPN are you using clientside?

Must be something else at the router level. Why are you using ‘port triggering’ instead of ‘port forwarding’ for 1194? 1194 is the port for the vpn itself and nothing to do with Roon ports/broadcast groups etc. What are you IGMP settings on your Netgear router??


No of course Roon has no concept of vpn access or not. But you are implying that the roon core is communicating to your vpn client from a virtual 10.8.0.x IP address, (likely as that is the same address that your OpenVPN server is running on.

My core is running on a mac, not the same IP/server as my gateway/router … yet I am able to successfully run an openVPN server on both it or on my Synology router. I can route all internet traffic or not, etc, etc. The VPN is not the issue per se. Lots of other people have tried getting this to work over OpenVPN and have the same problems.

It’s unclear how it works at all if the Roon core and the Roon endpoint aren’t on the same subnet. Maybe there is some right routing such that the Roon core will send discovery packets over the virtual 10.8.0.x subnet as well as the local 192.168.1.x subnet. That’s the only way I think it is working in your case. For some as yet to be discovered reason.


Hey guys,

I’ve tried everything but I can’t get the Android Roon app to get past “No wi-fi connection”. I’m connecting to my VPN find on Android, however the Roon app itself does not appear to even attempt to look for a core if the Android system is not connected to a wi-fi connection. Driving me nuts.

Proof that my VPN is working:

  • I connected to my home wi-fi network
  • I successfully connect to my Core on my Android Roon app via my wi-fi network
  • I disconnect wi-fi while Roon app is still running
  • Now I’m on 4G, but with VPN connected
  • I can control my home Roon Core via 4G now
  • but this disappears when the app is restarted
    • can I force the app to look for a core somehow even if not on a wi-fi network?

Thank you!

(Wim) #17

I don’t think so.

(Dom) #18

I can connect to my core at home via VPN on my iPhone. That works, but my iPhone does not show up as a player, so listening to music on the go is not possible at the moment. Is there a way I can get this to work?


Hi mate just wondering, are you connected to a wifi signal with your phone, or purely 4G? Thanks


Hmm strange how some can get it to work then, I must be missing something

(David Ghidoni) #21

Hi @Squeezemenicely,

Exactly same problem, did you find a solution?

(Mick Pollock) #22

For what it’s worth… I have a Windows Server on my network and am able to connect via a PPTP VPN from anywhere and have Roon work fully including controlling all playback at home and also streaming audio to my phone.

(Dom) #23

No, sadly not, I used to run LMS and had iPeng on my iPhone - that worked perfectly via VPN. Shame that this is not possible with Roon.