VPN with TAP question

Hi all

I am about to attempt and setup a client to site VPN which will utilize a TAP interface to allow devices connected to the Site B (client) - ideally on only ONE of the ethernet ports using a VLAN - router to be accessible (on the same subnet) from the Site A router and receive an IP address from the Site A router. The specific network device I'm needing to connect needs to be on the same subnet and requires multicast support. A VPN cannot be directly installed on the device, so I'm doing this at router level.

My first attempt will be two Banana Pi R3 routers with OpenWRT and OpenVPN as demonstrated in the following YouTube video:

I believe this specific protocol operates on level 2 (data link layer).

However, I'm reading more and more that OpenVPN, specifically with a TAP interface, will be significantly slow. I'm interested in if perhaps investing in higher quality routers, such as a ZYXEL router, and if it will be a more responsible investment.

ISP on both sides are gigabit fiber, and I'd like to try and utilize as much of that bandwidth as possible.

Does ZYXEL offer a modestly priced router with applicable protocols and configuration to achieve this? WiFi is necessary, as these routers will replace my two existing routers in both locations.

I have read ZYXEL routers offer IGMP and multicast support - I'm more concerned about the TAP/bridging ability.

Thank you for your help.

All Replies