
I'm trying to set up a simple VPN without port forwarding.

I have:

  • raspberry pi connected to a LAN (eth0 - 192.168.1.0/24)
  • internet accessible vps server
  • laptop & android device that needs access to the LAN using a VPN

I read that I can use tinc to establish a peer to peer connection between the raspberry pi and VPS server. This worked great so now I have created a network between vps and raspberry on 10.0.0.0/32 on dev tun0:

  • VPS running tinc server 10.0.0.1
  • Raspberry pi running tinc client 10.0.0.2 (subnet 10.0.0.0/32 & subnet 192.168.1.0/24)

From the VPS I can access the LAN (e.g. 192.168.1.1) over ssh, which is great. But the problem now is connecting to the VPS over a new VPN connection. For this I installed openvpn on the VPS.

This created a dev tun1 on the VPS, my VPS has 10.8.0.1. When I connect to the VPS over openVPN I get 10.8.0.2 on my client.

The issue is I cannot ping 192.168.1.1 or 10.0.0.2 from the client, but I can ping 10.0.0.1.

Any idea what I could be doing wrong?

thanks in advance!

1 Answer


I found the solution. I just need to add a postrouting and forward chain rule from tun1 to tun0.

# masquerade traffic leaving the VPS on the tinc interface so replies come back to the VPS
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
# allow packets arriving from the OpenVPN interface to be forwarded to the tinc interface
iptables -A FORWARD -i tun1 -o tun0 -j ACCEPT
  • xepa, thanks for following up your own post with an answer! Is it possible to include a little more detail in the answer for folks in the future who may land here, even possibly including yourself :) Commented Jan 15, 2022 at 21:24
  • added some more details for future reference Commented Jan 16, 2022 at 9:16
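The reason the two rules fix it: a packet from the OpenVPN client (10.8.0.2) for 192.168.1.1 arrives on the VPS via tun1 and has to be forwarded out tun0, and the Raspberry Pi would otherwise answer to 10.8.0.2, an address it has no route for. Masquerading on tun0 rewrites the source to 10.0.0.1, which the Pi does know. The script below is an added example, not the poster's own, that generates those rules for inspection and applies them only on request; it also turns on net.ipv4.ip_forward and adds the return-path FORWARD rule that is needed when the FORWARD chain's default policy is DROP (the answer above assumes it is ACCEPT). The interface names tun1 (OpenVPN side) and tun0 (tinc side) match the question; they are assumptions if your setup differs.

```shell
#!/bin/sh
# Added example for this Q&A, not the poster's script. Generates the NAT and
# forwarding rules that let OpenVPN clients on tun1 reach the tinc network on
# tun0. Interface names are assumptions taken from the question above.

VPN_IF="${VPN_IF:-tun1}"    # interface the OpenVPN clients arrive on
TINC_IF="${TINC_IF:-tun0}"  # interface leading to the tinc peer and the LAN

# Print the commands, one per line, without running anything.
build_rules() {
    vpn_if="$1"
    tinc_if="$2"
    cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -o ${tinc_if} -j MASQUERADE
iptables -A FORWARD -i ${vpn_if} -o ${tinc_if} -j ACCEPT
iptables -A FORWARD -i ${tinc_if} -o ${vpn_if} -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}

# Number of commands build_rules emits (handy for a quick self-check).
rule_count() {
    build_rules "$1" "$2" | wc -l | tr -d ' '
}

# Run each generated command, echoing it first so the change is visible.
apply_rules() {
    build_rules "$1" "$2" | while IFS= read -r cmd; do
        echo "+ $cmd"
        sh -c "$cmd" || return 1
    done
}

# Verify the rules are present (needs root); exits non-zero if any is missing.
# iptables -C checks for an existing rule without adding it.
check_rules() {
    vpn_if="$1"
    tinc_if="$2"
    iptables -t nat -C POSTROUTING -o "$tinc_if" -j MASQUERADE &&
    iptables -C FORWARD -i "$vpn_if" -o "$tinc_if" -j ACCEPT &&
    iptables -C FORWARD -i "$tinc_if" -o "$vpn_if" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

# Without --apply the script only prints what it would do.
if [ "${1:-}" = "--apply" ]; then
    apply_rules "$VPN_IF" "$TINC_IF"
else
    build_rules "$VPN_IF" "$TINC_IF"
fi
```

Run it with no arguments to review the rules, then with `--apply` as root; `check_rules tun1 tun0` afterwards confirms they took effect. The rules are not persistent across reboots, so save them with your distribution's iptables-persistent mechanism once they work.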
