#StackBounty: #raspberry-pi #routing #vpn #ipsec Routing traffic through VPN using Raspberry PI

Bounty: 50

I have a setup like this:
– Raspberry PI connected to router via LAN cable
– Created a bridged connection between eth0 and wlan0
– using hostapd for wifi hotspot
– configured l2tp/ipsec connection with one of my servers online

Issue I am having & goal:
– Goal is to have this raspberry pi as a wifi router that would route all traffic coming via WiFi through my VPN
– Issue I am having is that raspberry pi is using the VPN tunnel when I do curl, but all wifi guests connected do not get the VPN IP.

Interface example:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
    link/ether b8:27:eb:21:2b:9a brd ff:ff:ff:ff:ff:ff
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether b8:27:eb:21:2b:9a brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.7/24 brd 192.168.1.255 scope global br0
       valid_lft forever preferred_lft forever
    inet6 fe80::ba27:ebff:fe21:2b9a/64 scope link
       valid_lft forever preferred_lft forever
4: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP group default qlen 1000
    link/ether b8:27:eb:74:7e:cf brd ff:ff:ff:ff:ff:ff
6: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UNKNOWN group default qlen 3
    link/ppp
    inet 192.168.42.11 peer 192.168.42.1/32 scope global ppp0
       valid_lft forever preferred_lft forever

Routing table:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 br0
45.36.81.212    192.168.1.1     255.255.255.255 UGH   0      0        0 br0
63.126.53.74    192.168.1.1     255.255.255.255 UGH   0      0        0 br0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 br0
192.168.42.1    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0

45.36.81.212 is my VPN
63.126.53.74 is my own local public IP
(IPs have been slightly changed for obvious reasons).

OS: Raspbian

Would forwarding wlan0 to ppp0 do the trick or do I need to tamper with br0?
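
Added example, not part of the original post: a Python sketch that reads the routing table and interface list quoted above and reports which interface the Pi's own traffic takes for a destination, and which interfaces are ports of br0. The function names are hypothetical, and the tie-break between the two equal-metric default routes (first listed row wins) is an assumption chosen to match the poster's observation that curl on the Pi uses the tunnel.

```python
import ipaddress
import re

# Constructed from the routing table and interface list quoted in the post.
ROUTES = """\
0.0.0.0         0.0.0.0         0.0.0.0         U     0      0        0 ppp0
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 br0
45.36.81.212    192.168.1.1     255.255.255.255 UGH   0      0        0 br0
63.126.53.74    192.168.1.1     255.255.255.255 UGH   0      0        0 br0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 br0
192.168.42.1    0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
"""
LINKS = """\
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP
3: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP
4: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP
6: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UNKNOWN
"""

def parse_routes(text):
    """Parse `route -n` style rows into (network, gateway, metric, iface)."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8:
            continue  # skip headers and blank lines
        dest, gw, mask, _flags, metric, _ref, _use, iface = f
        net = ipaddress.ip_network(f"{dest}/{mask}")
        routes.append((net, gw, int(metric), iface))
    return routes

def lookup(routes, dst):
    """Return (iface, gateway) for traffic the Pi itself originates."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in routes if addr in r[0]]
    if not hits:
        return None
    # Longest prefix, then lowest metric; max() keeps the first row on a
    # full tie (assumption, see lead-in).
    best = max(hits, key=lambda r: (r[0].prefixlen, -r[2]))
    return best[3], best[1]

def bridge_ports(text, bridge):
    """List interfaces whose `ip addr` line shows `master <bridge>`."""
    pat = re.compile(r"^\d+: (\S+?):.* master (\S+) ", re.M)
    return [dev for dev, master in pat.findall(text) if master == bridge]
```

Ports of br0 are switched at layer 2, so frames a Wi-Fi client addresses to another host on the LAN (for example its gateway) are bridged out eth0 without consulting this routing table.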

