Quick NAT to use an existing VPN tunnel in Linux for an additional machine (Windows XP) on your LAN.
My Ubuntu notebook uses OpenVPN to access some other networks. It is also a host to various virtual machines. I wanted a Windows XP virtual machine to access resources on the remote network through my VPN tunnel.
The virtual machine uses "bridged" networking, so it has a separate IP on the LAN. So I guess the following would also work on a physically separate machine.
On the Linux VPN tunnel host:
- Declare variables for the network interfaces.
$lanis your normal network adapter,
$wanis the VPN tunnel virtual adapter.
- Reset iptables
- Enable forwarding
- Configure iptables to provide NAT masquerading
lan=wlan5; wan=tun0 iptables --flush iptables --table nat --flush ##not needed?:# iptables --delete-chain ##not needed?:# iptables --table nat --delete-chain sysctl -w net.ipv4.ip_forward=1 iptables -t nat -A POSTROUTING -o $wan -j MASQUERADE iptables -A FORWARD -i $lan -j ACCEPT
(This is a minimal setup, without any security! Don't use this on a host visible to the Internet!)
On the Windows XP machine:
- Declare IP of your Linux VPN host, and name of your interface (can be seen with the
- Set the gateway and DNS to the Linux host
SET HOST=192.168.1.44 SET IFNAME=Local Area Connection 2 route change 0.0.0.0 mask 0.0.0.0 %HOST% netsh interface ip set dns name="%IFNAME%" static %HOST%