Change interface mode

Beau Barker bbarker at karasent.com
Thu Oct 22 12:30:12 EDT 2020


>>
>> Is it possible to change the interface mode to TAP?
>
> No. Even if OpenConnect (the client software) wanted to support this TAP/Layer2 mode, there is no compatible server (Cisco or ocserv) which supports such a mode.

That's what I figured after finding no way documented to do it.

>> I have a device that needs to connect to a remote server via VPN tunnel.  The device cannot establish a VPN connection on its own and it reports the IP address it is assigned to the server for communication.
> 
> That's generally a bad protocol design, to send IP information at the application layer and rely on being able to communicate back to the same IP, or expecting it to match the incoming IP. I thought those kinds of protocols were mostly fixed or replaced in the 90s/00s, when IPv4 NAT became pervasive…?

Exactly how I feel about the device.  It's not so much for client-server communication, more for peer-peer communication since the developers never envisioned the devices being on separate networks.

>> I have configured a Raspberry Pi to establish the VPN tunnel and forward traffic in NAT mode, but that isn't good enough since the device reports its private IP address.
>
> It should be possible to trick/torture the device into thinking that it has the same IP address as the Raspberry Pi itself, by using iptables address-rewriting rules and such.

That's the route I'm pursuing now.

Thanks for getting back to me.
-Beau


More information about the openconnect-devel mailing list