So this post is a little hmmm… unorthodox you can say… but hey in time of #Covid19 you gotta do what you gotta do to #stayathome…. So finding new ways to stay entertained, learning something new and keeping the kids busy was a win win for everyone!

Netflix is somewhat limited in Switzerland, lots of good content is restricted and Disney+ isn’t even an option… but hey challenge accepted!

So the requirement was to have all traffic on the TV / specific WIFI Access Point (for the iPad’s) in my house route via the VPN and use specific DNS servers… yet still allow the TV / iPad’s to access my internal NAS…

Lucky for me I have a home lab with an NSX license, NordVPN & an MSDN account šŸ™‚

This is not the most optimal setup but I am not a network guy by any stretch of the imagination… but based on my logic this is the best / simplest setup in my environment…. as it allows me to quickly switch countries without having to reconfigure anything!

Aside from my lab servers… I am also using the following components..

  • Cisco SG300-10
  • W2K16 with Routing and Remote Access enabled
  • NordVPN Windows Client

I started off by deploying a new W2K16 Server from vRA… this server has 2 network vNIC’s (my primary VM network & the tagged vLAN for devices that will route traffic for the TV / specific wifi access point)

Once the VM was built and patched, I then enabled Routing and Remote Access from Server Manager + installed the NordVPN windows clientwhy do you ask??? well instead of having to manually re-configure the VPN in NSX or in Windows each time I wanted to switch countries the application does that automagically for me at the click of a button!

So once I installed the client I ended up with the 3rd network interface…. the TAP adapter used by NordVPN, I then configured NAT on the VPN TAP adapter in Routing and Remote Access.

This is what my interfaces in W2K16 looks like….

On the NSX-V ESG side below is my specific configuration…

So on my Cisco SG300-10 I changed the native vLan on the port for the TV and dedicated WIFI access point to the NORDVPN vLAN I created…

I hope you found this helpful / entertaining,… anything to beat the #Covid19 boredom and keep the family happy / while we #stayathome