NAT through VPN

Message

pyxel · Post by **pyxel** » Fri Jun 08, 2007 7:36 pm

Hello all,

In my work we are using CISCO phones on local lan. Now, I have my personal server at home connected to the VPN,, I puted in an additional network card. In fact I need to put this phone on the VPN:

Code: Select all


[CISCO ROUTER IN OFFICE]..... |VPN via INTERNAT| .... |eth1 (vpn device) --- eth0 (connected to the phone)| .... |phone|.

Now, I have configured the phone correct, it has a local IP address, but the only thing I need it connect it to VPN. Can someone tell me how? Using iptables I guess, but I'm not able to find the rules that work. Please advice.

SiberianSniper · Post by **SiberianSniper** » Fri Jun 08, 2007 7:47 pm

If you have iptables all set up in your kernel (with NAT, POSTROUTING, MASQUERADING, all that good stuff), you should be able to do this:

Code: Select all

emerge iptables
iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain
iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE
iptables --append FORWARD --in-interface eth0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward

One word of warning, I'm not sure if it still does or not, but I've seen Cisco's VPN client disable all other net devices on a computer, so eth0 might not work. If you run into that, I'd recommend using vpnc instead.