OpenVPN Bridging with Windows HOWTO

Note:  Bridging will only work with the Windows XP and the Windows Server 2003 family of operating systems.  Also, be advised that for Windows Server 2003 R2, you may need to force the TAP NIC into compatibility mode per this article. (Thanks, Luther!)

  1. From the Control Panel, go to Network Connections. To keep things organized, rename "Local Area Connection n" (TAP-Win32 Adapter V8) to "OpenVPN".
  2. Select both OpenVPN and your normal physical adapter (typically named "Local Area Connection"), right-click, and select "Bridge Connections".  It normally takes 15-45 seconds for the process to complete.
  3. Rename "Network Bridge (Network Bridge) n" to "OpenVPN Bridge".



Once the Bridge has been established, it is important to realize that all TCP/IP settings are now controlled through OpenVPN Bridge adapter (as opposed to Local Area Connection adapter).  Check to make sure that all of your settings are correct.  If you originally had a static IP Address, etc., these settings will probably need to be duplicated into the OpenVPN Bridge adapter.  Right-click "OpenVPN Bridge" and select "Properties":



...then go into the Internet Protocol (TCP/IP) Properties:



These are the defaut settings of a newly created OpenVPN Bridge adapter.  If your "Local Area Connection" settings are identical, you're good to go -- otherwise you must make the applicable changes here or your net will not work!

As soon as you can access the Internet, et al again, it's time to start building your config files.  Since there are so many guides/HOWTO's available, I won't get too deep into it here.  For your convenience, here are mine:

OpenVPN Server (Windows XP Professional, Multiple Clients)
lport 5000
dev tap
tls-server
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
mode server
ifconfig 192.168.0.1 255.255.255.0
ifconfig-noexec
ifconfig-pool 192.168.0.110 192.168.0.119
local 192.168.0.10
push "route 10.0.0.1 255.255.255.0 192.168.39.1"
duplicate-cn #use this for testing only
client-to-client
ping 10
ping-restart 120
push "ping 10"
push "ping-restart 60"
verb 4


OpenVPN Client (Windows XP Professional)
remote <IP.Address.or.DNS.Name.of.OpenVPN.Server>
port 5000
dev tap
nobind
tls-client
ca ca.crt
cert client.crt
key client.key
pull
verb 4