OK, I know this sounds crazy, but it's all about Linux and iptables all the way.
I'm using a rooted Android phone as a VPN router to keep confidential traffic separated between networks.
A and B are on the same network; B provides a separate network for C.
Device A: Linux, wlan0 ip 192.168.15.32
Device B: rooted Android phone with Termux and VPN Hotspot, wlan0 ip 192.168.15.21, wlan1 ip 192.168.38.173
Device C: Windows 10 with RDP, wlan1 ip 192.168.15.176
I've tried the following:
A:
sudo ip route add 192.168.38.0/24 via 192.168.15.21 dev enp1s0
B:
Termux, su:
sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -s 192.168.38.0/24 -o wlan0 -j MASQUERADE
iptables -A FORWARD -i wlan0 -o wlan1 -s 192.168.15.0/24 -d 192.168.38.0/24 -j ACCEPT
iptables -A FORWARD -i wlan1 -o wlan0 -s 192.168.38.0/24 -d 192.168.15.0/24 -j ACCEPT
C: default route via 192.168.38.173 metric 1
C sees the internet solely through B's VPN, and can even access wlan0's router, meaning it has access to its internal network. C can ping B, and B can ping C.
B can ping A and C.
A can ping B, but not C, which also means no RDP access.
What am I missing?
ip r
default via 192.168.15.1 dev enp3s0 proto dhcp src 192.168.15.32 metric 100
192.168.15.0/24 dev enp3s0 proto kernel scope link src 192.168.15.32 metric 100
192.168.38.0/24 via 192.168.15.21 dev enp3s0
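To check what the routes and iptables rules in the post do to a packet in each direction, here is a small model I wrote as an added example. It is not the poster's configuration and not a Termux or VPN Hotspot tool; it runs offline in plain Python and touches no device. It approximates netfilter: longest-prefix route lookup, the FORWARD chain consulted for every forwarded packet, MASQUERADE in nat POSTROUTING consulted only for a connection's first packet, and the conntrack entry that de-NATs the reply. Assumptions, all mine: A's interface is enp3s0 as in the `ip r` output; C is modelled at 192.168.38.176, an address I chose on B's wlan1 subnet so that it sits behind B (substitute your real one); the "lan" and "hotspot" link labels are just names for the two Wi-Fi segments; B's VPN tunnel and default route, Android's own iptables chains and the Windows firewall are left out.

```python
from collections import namedtuple
from dataclasses import dataclass, field
import ipaddress

IP, NET = ipaddress.ip_address, ipaddress.ip_network

# link = constructed L2 segment label: only interfaces on the same link can hear each other
Iface = namedtuple("Iface", "ip net link")
Route = namedtuple("Route", "dst dev via", defaults=(None,))  # via=None means on-link
FwdRule = namedtuple("FwdRule", "in_if out_if src dst target")  # one "-A FORWARD" rule


@dataclass
class Host:
    name: str
    ifaces: dict
    routes: list
    ip_forward: bool = False
    forward: list = field(default_factory=list)     # FORWARD chain, in order
    forward_policy: str = "ACCEPT"                  # verdict when no rule matches
    masquerade: list = field(default_factory=list)  # (src CIDR, out_if) MASQUERADE rules
    conntrack: dict = field(default_factory=dict)   # (orig_src, orig_dst) -> src after SNAT

    def has_ip(self, ip):
        return any(i.ip == ip for i in self.ifaces.values())

    def lookup(self, dst):
        """Longest-prefix match; returns (out_if, next_hop) or None."""
        best = None
        for r in self.routes:
            net = NET("0.0.0.0/0" if r.dst == "default" else r.dst)
            if IP(dst) in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, r)
        return None if best is None else (best[1].dev, best[1].via or dst)

    def forward_verdict(self, in_if, out_if, src, dst):
        for r in self.forward:  # first matching rule wins, as in iptables
            if (r.in_if, r.out_if) == (in_if, out_if) and IP(src) in NET(r.src) and IP(dst) in NET(r.dst):
                return r.target
        return self.forward_policy


def trace(hosts, src_host, dst):
    """Send one packet from src_host to dst; returns (delivered, log of per-hop decisions)."""
    def on_link(link, ip):  # which host/interface on this L2 segment owns ip?
        for h in hosts.values():
            for name, i in h.ifaces.items():
                if i.link == link and i.ip == ip:
                    return h, name
        return None, None

    cur, in_if, src, log = hosts[src_host], None, None, []
    for _ in range(8):  # hop limit, a small TTL
        reply = False
        if in_if is not None:  # PREROUTING: is this the reply half of a tracked connection?
            for (o_src, o_dst), nat_src in cur.conntrack.items():
                if src == o_dst and dst == nat_src:
                    if nat_src != o_src:
                        log.append(f"{cur.name}: de-NAT dst {dst} -> {o_src}")
                        dst = o_src
                    reply = True
        if src is not None and cur.has_ip(dst):
            return True, log + [f"{cur.name}: delivered locally ({src} -> {dst})"]
        route = cur.lookup(dst)
        if route is None:
            return False, log + [f"{cur.name}: no route to {dst}"]
        out_if, nh = route
        if src is None:
            src = cur.ifaces[out_if].ip  # source address follows the egress interface
        else:  # forwarding path: sysctl, FORWARD chain, then nat POSTROUTING
            if not cur.ip_forward:
                return False, log + [f"{cur.name}: ip_forward=0, dropped"]
            verdict = cur.forward_verdict(in_if, out_if, src, dst)
            if verdict != "ACCEPT":
                return False, log + [f"{cur.name}: FORWARD {in_if}->{out_if} {src}->{dst}: {verdict}"]
            if not reply:  # the nat table is consulted only for a connection's first packet
                new_src = src
                for cidr, oif in cur.masquerade:
                    if oif == out_if and IP(src) in NET(cidr):
                        new_src = cur.ifaces[out_if].ip
                        log.append(f"{cur.name}: MASQUERADE {src} -> {new_src} on {out_if}")
                cur.conntrack[(src, dst)] = new_src
                src = new_src
        nxt, nxt_if = on_link(cur.ifaces[out_if].link, nh)
        if nxt is None:
            return False, log + [f"{cur.name}: next hop {nh} is not on {out_if}'s link"]
        log.append(f"{cur.name}:{out_if} -> {nxt.name}:{nxt_if} ({src} -> {dst})")
        cur, in_if = nxt, nxt_if
    return False, log + ["hop limit exceeded"]


def build_topology():
    """Addresses from the post; C's 192.168.38.176 is my assumption, chosen on B's wlan1 subnet."""
    a = Host("A", {"enp3s0": Iface("192.168.15.32", "192.168.15.0/24", "lan")},
             [Route("default", "enp3s0", "192.168.15.1"), Route("192.168.15.0/24", "enp3s0"),
              Route("192.168.38.0/24", "enp3s0", "192.168.15.21")])
    b = Host("B", {"wlan0": Iface("192.168.15.21", "192.168.15.0/24", "lan"),
                   "wlan1": Iface("192.168.38.173", "192.168.38.0/24", "hotspot")},
             [Route("192.168.15.0/24", "wlan0"), Route("192.168.38.0/24", "wlan1")], ip_forward=True,
             forward=[FwdRule("wlan0", "wlan1", "192.168.15.0/24", "192.168.38.0/24", "ACCEPT"),
                      FwdRule("wlan1", "wlan0", "192.168.38.0/24", "192.168.15.0/24", "ACCEPT")],
             masquerade=[("192.168.38.0/24", "wlan0")])
    c = Host("C", {"wlan1": Iface("192.168.38.176", "192.168.38.0/24", "hotspot")},
             [Route("192.168.38.0/24", "wlan1"), Route("default", "wlan1", "192.168.38.173")])
    return {"A": a, "B": b, "C": c}


if __name__ == "__main__":
    hosts = build_topology()
    print(*trace(hosts, "A", "192.168.38.176")[1], sep="\n")
```

Because the same `hosts` object keeps B's conntrack state between calls, tracing A to C and then C back to A shows the reply is never masqueraded (it rides the existing entry), while a fresh topology where C opens the connection shows it arriving at A with source 192.168.15.21 and A's answer being de-NATed back to C. Setting `forward_policy="DROP"` with an empty `forward` list on B shows exactly which hop and which chain stops the packet.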