I want to set up a DietPi which is accessible via wifi, gets its internet connection via eth0 (hotspot mode) BUT can also connect to a VPN.
Second requirement: It should provide internet access ONLY when the VPN is connected.
I just made a fresh DietPi installation on an RPi 4.
I installed DietPi's hotspot mode and it works just fine.
I also installed (apt-get) vpnc to connect to another network (remote Fritz!Box offering VPN service). This also works from the DietPi itself, but not from wifi clients.
And I want to somehow stop internet access for wifi clients when the VPN is not connected.
Hi, if I’m not mistaken you would need to set up iptables rules to allow forwarding the network traffic towards the tun0 interface. Something like this should do:
iptables -t nat -A POSTROUTING -s 192.168.42.0/24 -o tun0 -j MASQUERADE
iptables -A FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i wlan0 -o tun0 -j ACCEPT
and to save stuff
iptables-save > /etc/iptables.ipv4.nat
But @trendy is more of an expert than I am and probably has some better ideas.
Thank you Joulinar!
This is an awesome community here!
Especially the last command brought me to the idea to have a look into the existing content of the file, so I just changed every eth0 to tun0 in /etc/iptables.ipv4.nat and it works.
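
Added example, not part of the thread: a shell check that reads a ruleset in iptables-save format (such as /etc/iptables.ipv4.nat) and reports any way wlan0 traffic could be forwarded other than out tun0, including a FORWARD policy left at ACCEPT. The function names and the sample ruleset are constructed; the thread does not show the real file's contents.

```shell
# Added example, not from the thread. wlan0/tun0 are the thread's interfaces;
# function names and the sample ruleset are constructed.
# Conservative: rule order and state matches are ignored.
# audit_killswitch FILE|- [LAN_IF] [VPN_IF]: prints findings, returns 1 if any.
audit_killswitch() {
    awk -v lan="${2:-wlan0}" -v vpn="${3:-tun0}" '
    /^\*/ { table = substr($1, 2); next }
    table == "filter" && $1 == ":FORWARD" { policy = $2; next }
    $1 != "-A" { next }
    {
        in_if = ""; out_if = ""; target = ""
        for (i = 3; i < NF; i++) {
            neg = ($(i - 1) == "!") ? "!" : ""
            if ($i == "-i") in_if = neg $(i + 1)
            if ($i == "-o") out_if = neg $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        # A rule covers hotspot clients unless it names a different ingress.
        from_lan = (in_if == "" || in_if == lan || (in_if ~ /^!/ && in_if != ("!" lan)))
        if (table == "filter" && $2 == "FORWARD" && from_lan) {
            if (target == "ACCEPT" && out_if != vpn) { print "LEAK: " $0; bad++ }
            if ((target == "DROP" || target == "REJECT") && out_if == ("!" vpn)) guarded = 1
        }
        if (table == "nat" && target == "MASQUERADE" && out_if != vpn) { print "NAT-NOT-VPN: " $0; bad++ }
    }
    END {
        if (policy != "DROP" && !guarded) { print "OPEN-POLICY: FORWARD policy " policy ", no drop for " lan " -> !" vpn; bad++ }
        exit (bad > 0)
    }' "$1"
}

# Constructed iptables-save sample: $1 = FORWARD policy, $2 = egress interface.
sample_rules() {
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.42.0/24 -o $2 -j MASQUERADE
COMMIT
*filter
:FORWARD $1 [0:0]
-A FORWARD -i $2 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i wlan0 -o $2 -j ACCEPT
COMMIT
EOF
}

sample_rules ACCEPT tun0 | audit_killswitch - || echo "ruleset does not enforce VPN-only forwarding"
```

On the Pi, running audit_killswitch /etc/iptables.ipv4.nat checks the saved file, and iptables-save | audit_killswitch - checks the rules currently loaded.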