[solved] OpenVPN configuration (2 NICS)

Thomas120 · 2015-03-23 04:48:43

I have Home-PC with 2 ethernet NICS
enp5s2 [Connects to the internet]
enp3s0 [That i use to share internet with my laptop]

skip forward a little

Bough myself a VPN plan from PIA, using it successfully on my PC following this guide. Sometimes i need internet on my laptop so i use sharing through my ethernet cable (on enp3s0).

So my question is can I somehow launch the VPN on my HomePC and make my laptop route it's traffic through the VPN connection?
Do i need bridging ? Here's a rough representation of my setup right now http://i.imgur.com/7IRhEZj.png

Forgot to add i also have a tun0 interface in my homepc (that openvpn starts)
Will appreciate any tips from you guys, I'm struggling with this for approx. 2 days

So for future reference, and for anybody else that wants to know how to do it
1) Start your vpn normally by sudo openvpn Server.ovpn or by using systemd
2)Then run these commands http://hastebin.com/hemosiyifa.hs
3)On the second PC that you want to share vpn connection follow the rest of the guide here

Solved!

Last edited by Thomas120 (2015-03-23 22:05:23)

Daiann · 2015-03-23 09:06:00

If your machine is already routing the traffic correctly you should just need to NAT the connections going trough the VPN.

iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

Thomas120 · 2015-03-23 21:41:50

Wow dammit it was so simple, thank you very much! it worked

Last edited by Thomas120 (2015-03-23 22:00:23)

Daiann · 2015-03-24 07:30:57

sudo iptables -t nat -A POSTROUTING -o enp5s2 -j MASQUERADE
sudo iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i enp3s0 -o enp5s2 -j ACCEPT
sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

Take care that with a setup like that you are routing everything everywhere, including packets coming from the internet directed to your LAN/VPN. I would setup like so:

# iptables -P FORWARD DROP
# iptables  -A FORWARD -i enp3s0 -j ACCEPT
# iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# iptables -t nat -A POSTROUTING -o enp5s2 -j MASQUERADE
# iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

EDIT: *Forgot a command*

Last edited by Daiann (2015-03-24 10:28:40)

Thomas120 · 2015-03-24 07:49:16

# iptables -P FORWARD DROP
# iptables  -A FORWARD -i enp3s0 -j ACCEPT
# iptables -t nat -A POSTROUTING -o enp5s2 -j MASQUERADE
# iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

Doing this way doesn't work, my second pc doesn't have internet that way

Daiann · 2015-03-24 10:25:47

Thomas120 wrote:

# iptables -P FORWARD DROP
# iptables  -A FORWARD -i enp3s0 -j ACCEPT
# iptables -t nat -A POSTROUTING -o enp5s2 -j MASQUERADE
# iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

Doing this way doesn't work, my second pc doesn't have internet that way

Sorry I forgot you also have to accept the returning packets

iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

Arch Linux

#1 2015-03-23 04:48:43

[solved] OpenVPN configuration (2 NICS)

#2 2015-03-23 09:06:00

Re: [solved] OpenVPN configuration (2 NICS)

#3 2015-03-23 21:41:50

Re: [solved] OpenVPN configuration (2 NICS)

#4 2015-03-24 07:30:57

Re: [solved] OpenVPN configuration (2 NICS)

#5 2015-03-24 07:49:16

Re: [solved] OpenVPN configuration (2 NICS)

#6 2015-03-24 10:25:47

Re: [solved] OpenVPN configuration (2 NICS)

Board footer