How do I specify tunnel network in OpenVPN?

I have a tunnel, well two tunnels, that I’m attempting to set up; the client on each is not VyOS but another router that does not support peer-to-peer mode, only server/client mode.

Also, it’s a tap tunnel with no additional bridge on either side. I’ve done this for a long time (including multicast) across networks, I’d simply assign the tunnel endpoints as interface and treat it as any other routed/tun/L3 interface. It gets — if this would be pfSense for example (and pictured below) — its address from the tunnel network’s CIDR specified in the config, same that’s normally left blank in tap tunnels. For all I know this might be a hack, though it has worked on other platforms as well.

This would be something like:

(basically a tun tunnel with support for L2)

The options (and documentation) are kind of ambiguous. It reminds of the subroles of ADCS.

Tunnel network is a very clear name for it, but instead in VyOS there’s client/server subnets, addresses, pools, topology which become in conflict in response to changes to the tunnel’s mode, device type, topology, and IDK… religion. It takes a lot of time to test each config like that specially if you don’t know which exactly is the one you’re looking for.

Would you give me at least a hint? Please?!

Merci ! =)

Why not wireguard? It will be a good choice for u .

you need to specify what type of tunnel do you need , it can be achieved using this command :

set interfaces openvpn vtunX device-type tap

kind regards