After several days cracking my head trying to get this to work, I have narrowed down my problem. It seems there is something with the TUN configuration my network / router / switch does not like. I just created a TAP configuration and used it on my laptop tethered to my mobile 4G network and was able to access my LAN with the TAP configuration. However I've also learnt that there are no OpenVPN mobile apps that work with TAP configuration. Any ideas guys?
Hi te2k,
TAP are mostly used for same-segment extensions (eg having the same subnet information left side and right side) - basically for site2site VPN situations. That's the reason why mobile apps don't support TAP. My conclusion so far is that your OpenVPN server does work well (otherwise you wouldn't be able to connect by TAP either). So it comes down to either the post-routing when tun VPN is opened, either firewall inbetween (eg block internet access on NVR), or a combination of both.
I suggest you work in a pragmatic step by step approach, between 2 "more debugable" devices, eg 1 PC (win/lin) and NAS (samba share).
Step 1: put pc on 100% LAN and open samba share: this should work
Step 2: configure openvpn tun for router, put pc on tethered 4G, and connect VPN client: this should work
Step 3: try to open samba share: this should work
Step 4: put NAS in "block internet access mode"
Step 5: try to open samba share: this should work
If In between step 3 and step 5, the services are broken, you have discovered the "root cause". Finding a solution is more difficult (eg vlanbased which is not something OOTB with Rmerlin).
Good luck!
CC