I'm looking for advice for this special case.
What I want to achieve:
my gateway should dial PPPoe, should establish OVPN connection as client to my OVPN server. Internet users from outside should reach my gateway PPPoe interface and be NAT-ed properly to my LAN
I have raspberry as my main GW for internet for my LAN with more computers.
eth0 - LAN
eth1 - Internet
I'm dialing my internet, so I have ppp0 interface [It is working properly]
I'm NAT-ing few ports from internet to my LAN (web, git and so on) - [It is working properly]
Now I want to connect to my OVPN server with my Gateway, so entire network goes through this VPN connection - so I have tun0 interface. [It is working properly, EXCEPT NAT, Connections from outside to my ppp0 IP are not translated].
Problem:
When I establish opvn connection from my Raspberry GW to my server in the internet to route all trafic from my LAN, through my GW through VPN, LAN->Internet is good (with new IP from my VPN server) but my NAT rules not working. When I'm somewhere in internet and trying to get home to my ppp0 IP address. NAT is translating packets. It is like established tun0 interface overrides everything on ppp0.
Effect:
What I see is, that NAT, seems, is routing traffic correctly to my PC in the lan but it is stuck on SYN_RCV status.
Questions:
I'm missing knowledge, what happens if my GW connects as ovpn client to my ovpn server in the internet.
What is necessary to do ?
1.Change ovpn configuration that ppp0 interface over WAN interface "should not be blocked somehow" ?
2.Is possible some routing loop ?
- Should I NAT at my VPN server ? VPN server->VPN client->NAT->LAN ?
If I turn off opvpn client, NAT is working without issues. I have everything managed via iptables.
Thank you very much for your advice
