So this post is a little hmmm… unorthodox you can say… but hey in time of #Covid19 you gotta do what you gotta do to #stayathome…. So finding new ways to stay entertained, learning something new and keeping the kids busy was a win win for everyone!
Netflix is somewhat limited in Switzerland, lots of good content is restricted and Disney+ isn’t even an option… but hey challenge accepted!
So the requirement was to have all traffic on the TV / specific WIFI Access Point (for the iPad’s) in my house route via the VPN and use specific DNS servers… yet still allow the TV / iPad’s to access my internal NAS…
Lucky for me I have a home lab with an NSX license, NordVPN & an MSDN account 🙂
This is not the most optimal setup but I am not a network guy by any stretch of the imagination… but based on my logic this is the best / simplest setup in my environment…. as it allows me to quickly switch countries without having to reconfigure anything!
Aside from my lab servers… I am also using the following components..
- Cisco SG300-10
- W2K16 with Routing and Remote Access enabled
- NordVPN Windows Client
- NSX-V ESG
I started off by deploying a new W2K16 Server from vRA… this server has 2 network vNIC’s (my primary VM network & the tagged vLAN for devices that will route traffic for the TV / specific wifi access point)
Once the VM was built and patched, I then enabled Routing and Remote Access from Server Manager + installed the NordVPN windows client … why do you ask??? well instead of having to manually re-configure the VPN in NSX or in Windows each time I wanted to switch countries the application does that automagically for me at the click of a button!
So once I installed the client I ended up with the 3rd network interface…. the TAP adapter used by NordVPN, I then configured NAT on the VPN TAP adapter in Routing and Remote Access.
This is what my interfaces in W2K16 looks like….
On the NSX-V ESG side below is my specific configuration…
So on my Cisco SG300-10 I changed the native vLan on the port for the TV and dedicated WIFI access point to the NORDVPN vLAN I created…
I hope you found this helpful / entertaining,… anything to beat the #Covid19 boredom and keep the family happy / while we #stayathome