vpn – OpenVPN: UDP broadcast in tap environment

Background: I am currently trying to create a VPN for playing old computer games via LAN (Empire Earth / Warcraft III) and to bypass geo-blocks.

I am using the docker image by kylemanna and my openvpn.conf is the following:

verb 3
key /etc/openvpn/pki/private/<censored>.key
ca /etc/openvpn/pki/ca.crt
cert /etc/openvpn/pki/issued/<censored>.crt
dh /etc/openvpn/pki/dh.pem
tls-auth /etc/openvpn/pki/ta.key
key-direction 0
keepalive 10 60

proto udp
# Rely on Docker to do port mapping, internally always 1194
port 1194
dev tap0
status /tmp/openvpn-status.log

user nobody
group nogroup
comp-lzo no

### Route Configurations Below

### Push Configurations Below
push "block-outside-dns"
push "dhcp-option DNS"
push "dhcp-option DNS"
push "comp-lzo no"

### Extra Configurations Below
topology subnet

For accessing the internet using the VPN, everything works fine. Also the direct connections between the clients work. But neither Warcraft III nor Empire Earth is displaying any game hosted on the LAN. For Emprie Earth, I can bypass this with a direct connection to a IP address in Warcraft III direct connections via Lancraft work like a charme.

I already found the related topics here on serverfault, with this one stating that you need bridging to get the UDP broadcasts to work.

From sniffing packages I know that Empire Earth sends a UDP package to (broadcast) – these broadcasts also show up on another PC using Wireshark (both are using a different internet connection) – but I really don’t get why the games aren’t heeding these broadcasts. I might missing something obvious. Pings via the Windows cmd also work.

Here’s an example from the wireshark session:

Wireshark sesssion