How to Share openvpn connection over ethernet?

linux networking vpn openvpn

6,952

Fun question. Let us call PC1 the one with OpenVPn working, and PC2 the one connected via cable to PC1.

On PC1, after plugging in the cable:

  ip link set dev eth0 down
  ip addr flush dev eth0
  ip addr add 10.8.0.5/24 dev eth0
  ip link set dev eth0 up
  ip route add 10.8.0.6/32 dev eth0

The first two commands are there purely out of caution.

On PC2:

  ip link set dev eth0 down
  ip addr flush dev eth0
  ip addr add 10.8.0.6/24 dev eth0
  ip link set dev eth0 up

and then, still on PC2,

 ip route add default via 10.8.0.3

Back to PC1:

 iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

If this does not work right away, please do not behave like this guy, try to help yourself by reporting error messages and what not.

EDIT:

if you want to forward over the OpenVPN the communications of a tethered machine, you only need to set up a dhcp server handling communications between PC1 and PC2. I will give the instructions for a Debian-family pc, they are similar 8though not quite identical) on other distros.

 sudo apt-get install isc-dhcp-server

Then edit /etc/default/isc-dhcp-server and modify the INTERFACES line to look like this:

 INTERFACES="eth0"

if eth0 is the interface with the cable going to PC2. Otherwise, modify eth0 accordingly.

Now edit /etc/dhcp/dhcpd.conf and introduce these lines:

  option domain-name "mysecondlan.lan";
  option domain-name-servers 8.8.8.8, 8.8.4.4;
  subnet 192.168.123.0 netmask 255.255.255.0 {
        range 192.168.123.1 192.168.123.10;
        option routers 192.168.123.1;

}

Now restart the service

  sudo service isc-dhcp-server restart

and you are done. Remember, you may have to use a crossover ethernet cable, especially if you are connecting to pcs.

6,952

Ryan Stevens

Updated on September 18, 2022

Comments

Ryan Stevens over 1 year

I'm trying to share my openvpn connection on linux to my pc. My wan connection comes through on wlan0 and my vpn is on tun0. Eth0 is my cat5 cable plugged into my laptop. I can't bridge tun0 so I don't know how to share the connection. My vpn ip is 10.8.0.3 btw. Can someone help me I've tried fowarding too with iptables but that didn't work either.
- MariusMatutiae over 9 years
  
  Please see my edit.
Ryan Stevens over 9 years

Thank you for the help. I may end up having to buy a usb ethernet adapter becuase my wifi isn't working correctly but I'll just change the interface in the commands. If I needed to connect the land cable to a windows computer though what would I have to do? I ovviiusly couldn't issue those commands in command prompt?
MariusMatutiae over 9 years

@RyanStevens In Windows, you have to issue commands similar to these at the command prompt, but I am not knowledgeable in Windows, sorry. No hablo Windows...
Ryan Stevens over 9 years

Haha ok but if I wanted to connect my ps4 or wii this way it wouldn't work then?
MariusMatutiae over 9 years

@RyanStevens No, it wouldn't. It still can be done if you set up a dhcp server on your Linux machine. I can help you with that, it is only a tad more complicated. Can you tell me which Linux distro you are running?
Ryan Stevens over 9 years

Running Debian, yes please help I would like to do this as well.
Ryan Stevens over 9 years

Also I should mention the network I am on uses a type of MAC address filtering so would I need to spoof anything ?
Ryan Stevens over 9 years

? Got my ethernet adapter so it will be eth0 and eth1 now
Ryan Stevens over 9 years

Wait can I use a regular ethernet cable? What is a crossover cable?
Ryan Stevens over 9 years

Would a crossover adapter work? Looks like I should have just used a ddwrt router in switch mode and used the open vpn client mode on there. Would have been cheaper and it's auto sensing so u wouldn't need a crossover? I think at least. Whatever this will work
Ryan Stevens over 9 years

my pc2 appears to not be getting internet even with my crossover cable. It gets an ip from the dhcp server but i am not able to ping google.com or 208.67.222.22(opendns). I can ping 10.8.0.3 though. I'm not sure the problem here.
MariusMatutiae over 9 years

@RyanStevens Can you pls post the output of ip route show?
Ryan Stevens over 9 years

Not letting me ping anything know for some reason. Output: 0.0.0.0/1 via 10.8.0.1 dev tun0. Default via 172.20.29.1 dev eth1. 10.8.0.0/24 dev tun0 proto kernel scope link arc 10.8.0.3. 10.8.0.0/24 dev eth0 proto kernel scope link Sri 10.8.0.5. 10.8.0.6 dev eth0 scope link. Wan ip via 172.20.29.1 dev eth1. 128.0.0.0/1 via 10.8.0.1 dev tun0. 172.20.29.0/24 dev eth1 proto kernel scope link arc 172.20.29.129. 192.168.1.0/24 via 10.8.0.1 dev tun0.