MacLaptop as Client Gateway, Help!


Post by Magnum4599 » Tue Jun 18, 2019 8:54 pm

Hey guys,

Let me explain my setup. So I've got an OpenVPN server set up on my DMZ at the office network. It's running on a FreeNAS box. I've created the keys and conf, and set up the SonicWall firewall to allow the port through.

I then set up my laptop and plugged in my cell phone to use for testing. Since I'm in the office on the same network, I need a different WAN address to do proper testing.

My connection works; I'm using Tunnelblick and the client config works. Now, I want to share out my laptop LAN, which is just a switch on a separate interface on my laptop.

So I'll explain further. I have a laptop plugged into a cell phone via a USB cable on en7. Then I have a Thunderbolt-to-Ethernet adapter going to my switch on en3. My Tunnelblick connects on utun2.

So I've added an iroute statement to my ccd file, and push route and route to my VPN conf files, and everything is all good there.

Then I've added packet forwarding on my Mac laptop through a terminal command.

So my cell phone is giving my laptop the IP of 172.20.10.4. So I've added all those routes into the conf files and I can successfully ping my laptop interface from the FreeBSD OpenVPN server. Then I set up the en3 (Thunderbolt to switch) on 172.35.10.33. I can also ping that interface from the OpenVPN server.

Here is where I get stuck. When I try to ping the switch (HP ProCurve) from the OpenVPN server I get no response. The switch is 172.35.10.100. I can successfully ping it directly from my laptop but I cannot see the switch from the OpenVPN server. I've been working on this for three days. I've tried to add routes on my Mac laptop to pass through the traffic to the switch, but I'm lost.

I've attached three screenshots. One shows my routing table on the Mac laptop and that I can successfully ping the switch. The other is the Wireshark capture showing that my Mac laptop is seeing both ping requests from the server, one for 172.35.10.33 and 172.35.10.100, but only replying to the .33 directly connected interface.

My OpenVPN server is set to give all devices the standard 10.8.0.0 IP range for its DHCP.

Is there something else I need to route to get my laptop to pass on the packet to the correct interface or what? Please help! I'm sure it's stuck on the laptop side; my settings in the OpenVPN are all correct, I think.
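
The three directives named in the post above (`route` and `push "route ..."` in the server config, `iroute` in the client's ccd file) have to describe the same subnet for the server to deliver traffic to a LAN behind a client. As an added example that is not part of the original post, this Python check compares them over constructed config text; the /24 netmasks and the client name `maclaptop` are assumptions, and it covers only the server-side configuration, not forwarding on the laptop.

```python
import ipaddress

# Constructed sample configs (not the poster's files). The /24 netmasks and
# the client name "maclaptop" are assumptions; the subnets are from the post.
SERVER_CONF = """\
server 10.8.0.0 255.255.255.0
client-config-dir ccd
route 172.35.10.0 255.255.255.0
push "route 172.35.10.0 255.255.255.0"
"""
CCD = {"maclaptop": "iroute 172.35.10.0 255.255.255.0\n"}


def nets(text, directive):
    """Networks named by `<directive> <network> <netmask>` lines in text."""
    want = directive.split()
    found = set()
    for line in text.splitlines():
        words = line.split("#")[0].replace('"', " ").split()
        if words[:len(want)] == want and len(words) >= len(want) + 2:
            net, mask = words[len(want):len(want) + 2]
            found.add(ipaddress.ip_network(f"{net}/{mask}"))
    return found


def check(server_conf, ccd):
    """Return findings about routing to LANs that sit behind VPN clients."""
    findings = []
    routes = nets(server_conf, "route")       # server kernel -> tun device
    pushed = nets(server_conf, "push route")  # what other clients learn
    iroutes = {c: nets(t, "iroute") for c, t in ccd.items()}
    has_ccd = any(l.split("#")[0].split()[:1] == ["client-config-dir"]
                  for l in server_conf.splitlines())
    if ccd and not has_ccd:
        findings.append("client-config-dir not set: ccd files are never read")
    for client, lans in iroutes.items():
        for lan in sorted(lans):
            if not any(lan.subnet_of(r) for r in routes):
                findings.append(f"{client}: iroute {lan} has no server 'route'")
            if not any(lan.subnet_of(p) for p in pushed):
                findings.append(f"{client}: {lan} is not pushed to other clients")
    for r in sorted(routes):
        if not any(r.overlaps(l) for lans in iroutes.values() for l in lans):
            findings.append(f"route {r} has no iroute: no client owns it")
    return findings


if __name__ == "__main__":
    print(check(SERVER_CONF, CCD) or "route, push route and iroute agree")
```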


Re: MacLaptop as Client Gateway, Help!

Post by TinCanTech » Tue Jun 18, 2019 9:13 pm

