Hello,
I’ve been having some issues with my DietPi setup w/RPi 3 B+.
I can perform a ping test just fine from the Pi, but whenever I attempt to use my StrongSwan setup (RPi is the server) and connect to StrongSwan via my phone, I’ll make the connection but no traffic makes it past the RPi. I can’t do anything with the VPN connection I’ve established and I can’t even ping/update from the RPi.
I guess there is no IP forwarding enabled on the VPN server. To access other IPs “behind” the VPN you need to allow IP forwarding.
Quick test: sysctl net.ipv4.ip_forward=1 net.ipv6.conf.all.forwarding=1 net.ipv6.conf.default.forwarding=1
If that does not yet solve the issue: To access internet resources through the VPN you need to masquerade connections through the VPN, to make it behave like a NAT. For this you require the iptables package. Check the VPN interface first, on OpenVPN the default is tun0 but not sure about your solution: ip a
The following allows and enables NAT routing from tun0 (replace with your actual VPN interface) to eth0 (replace with your actual internet capable interface).
apt-get -y install iptables
iptables -A FORWARD -i tun0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
ip6tables -A FORWARD -i tun0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE