VPN without port forwarding using raspberry pi and a VPS

I'm trying to setup a simple VPN without port forwarding.

I have:

• raspberry pi connected to a LAN (eth0 - 192.168.1.0/24)
• internet accessible vps server
• laptop & android device that needs access to the LAN using a VPN

I read that I can use tinc to establish a peer to peer connection between the raspberry pi and VPS server. This worked great so now I have created a network between vps and raspberry on 10.0.0.0/32 on dev tun0:

• VPS running tinc server 10.0.0.1
• Raspberry pi running tinc client 10.0.0.2 (subnet 10.0.0.0/32 & subnet 192.168.1.0/24)

From VPS I can access the LAN (e.g. 192.168.1.1) over ssh which is great. But the problem now is connecting to the VPS over a new VPN connectiong. For this I installed openvpn on the VPS.

This created a dev tun1 on the VPS, my VPS has 10.8.0.1. When I connect to the VPS over openVPN I get 10.8.0.2 on my client.

I issue is I cannot ping 192.168.1.1 or 10.0.0.2 from the client but I can ping 10.0.0.1.

Any idea what I could be doing wrong?

thanks in advance!

I found the solution. I just need to add a postrouting and forward chain rule from tun1 to tun0.

iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
iptables -A FORWARD -i tun1 -o tun0 -j ACCEPT