Last active
August 29, 2015 14:27
-
-
Save wfaler/6f32a70755ea648d624a to your computer and use it in GitHub Desktop.
raspberry pi as VPN router
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Assumes eth0 is WAN and eth1 is the port you want to act as a router for other devices. | |
| sudo apt-get install openvpn | |
| sudo apt-get install dnsmasq | |
| /etc/network/interfaces - add: | |
| #USB NIC serving as internal gateway | |
| iface eth1 inet static | |
| address 192.168.10.1 | |
| netmask 255.255.255.0 | |
| /etc/dnsmasq.dconf - add: | |
| interface=eth1 | |
| dhcp-range=eth1,192.168.10.10,192.168.10.200,2h | |
| dhcp-option=3,192.168.10.1 # our router | |
| dhcp-option=6,192.168.10.1 # our DNS Server | |
| dhcp-authoritative # force clients to grab a new IP | |
| echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward | |
| edit: /etc/sysctl.conf | |
| uncomment: net.ipv4.ip_forward=1 | |
| sudo reboot | |
| connect to openvpn with: | |
| openvpn --config [myconfig] | |
| Run the following after connecting: | |
| sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE | |
| sudo iptables -A FORWARD -i eth1 -o tun0 -j ACCEPT | |
| sudo iptables -A FORWARD -i tun0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment