I've done a ton of reading and I've gotten this to work!
I'm still a noob and needed an IT friend to explain what many of these steps mean. I'm not sure I can answer a lot of the "why it works" questions. But here is what I did (and where I found it) so hopefully this can be corrected in the Amahi installer. I'll try to explain things as I understand them. This may not be exactly the right terminology, so don't kill the noob. I just know that it works on my box.
I had a working VPN connection. I could connect to my Amahi box with no issues. My issue was that once I was connected I could not see anything on the rest of my home network. I really wanted to be able to use the Windows Remote Desktop tool to access my home machines. I also wanted to be able to print to my home printer. This functionality worked great on Fedora right out of the box. But when I upgraded to Ubuntu Amahi, I could ping nothing past my Amahi box and nothing worked.
These steps assume you have a working VPN.
We want the Amahi box to do the NAT between the VPN client and the Amahi network. In my research, I found this tutorial. In the "Configure iptables for NAT forwarding" section they have this code:
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
That fixed my problem. But when you reboot the server, you have to do that every time. It doesn't stay persistent.
So to make it permanent, edit the /etc/sysctl.conf file and either add or un-comment the line that says
That fixes the ip forward part. To fix the iptables part I found this guide. I will cut and paste the steps I did from that guide.
Save your firewall rules to a file
Code:
sudo sh -c "iptables-save > /etc/iptables.rules"
At this point you have several options. You can make changes to /etc/network/interfaces or add scripts to /etc/network/if-pre-up.d/ and /etc/network/if-post-down.d/ to achieve similar ends. The script solution allows for slightly more flexibility.
And then
Solution #2 /etc/network/if-pre-up.d and ../if-post-down.d
NOTE: This solution uses iptables-save -c to save the counters. Just remove the -c to only save the rules.
Alternatively you could add the iptables-restore and iptables-save to the if-pre-up.d and if-post-down.d directories in the /etc/network directory instead of modifying /etc/network/interfaces directly.
The script /etc/network/if-pre-up.d/iptablesload will contain:
Code:
#!/bin/sh
iptables-restore < /etc/iptables.rules
exit 0
and /etc/network/if-post-down.d/iptablessave will contain:
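Code:
#!/bin/sh
# Overwrite the saved rules with whatever is live when the interface goes down
# (-c keeps the packet/byte counters).
iptables-save -c > /etc/iptables.rules
# If an optional "down" rule set exists, load it while the interface is down.
if [ -f /etc/iptables.downrules ]; then
    iptables-restore < /etc/iptables.downrules
fi
exit 0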
Then be sure to give both scripts execute permissions:
Code:
sudo chmod +x /etc/network/if-post-down.d/iptablessave
sudo chmod +x /etc/network/if-pre-up.d/iptablesload
Then I just rebooted my server and everything that I wanted worked! I can use Remote Desktop and my printer.
I hope that helps.
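An added example, not part of the original post: a POSIX shell audit of the files this procedure leaves behind. It checks that forwarding is persisted, that every saved MASQUERADE rule is limited to the VPN subnet and outbound interface, and that the rules file restored as root at boot is not world-writable. The function names are hypothetical, the sample files are constructed, and `net.ipv4.ip_forward` is assumed to be the sysctl key matching the /proc path used above.

```shell
#!/bin/sh
# Added example (not from the post): audit the files the post's procedure creates.

# has LINE WORDS: true if WORDS appears in LINE as whole, space-delimited tokens.
has() { case " $1 " in *" $2 "*) return 0 ;; esac; return 1; }

# forward_persistent FILE: true if FILE has an uncommented net.ipv4.ip_forward=1.
forward_persistent() {
    grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1[[:space:]]*$' "$1"
}

# unscoped_masquerade FILE SUBNET IFACE: print each MASQUERADE rule in an
# iptables-save file that is not limited to SUBNET going out of IFACE.
unscoped_masquerade() {
    while IFS= read -r line || [ -n "$line" ]; do
        has "$line" "-A POSTROUTING" && has "$line" "-j MASQUERADE" || continue
        has "$line" "-s $2" && has "$line" "-o $3" || printf '%s\n' "$line"
    done < "$1"
}

# audit SYSCTL RULES SUBNET IFACE: print one finding per line, nothing if clean.
audit() {
    forward_persistent "$1" || echo "forwarding not persistent in $1"
    grep -q -- '-j MASQUERADE' "$2" || echo "no MASQUERADE rule saved in $2"
    unscoped_masquerade "$2" "$3" "$4" | sed 's/^/unscoped NAT rule: /'
    [ -z "$(find "$2" -prune -perm -0002)" ] || echo "$2 is world-writable"
}

# Constructed sample files (iptables-save -c format), used when no args given.
if [ $# -eq 0 ]; then
    d=$(mktemp -d)
    printf '#net.ipv4.ip_forward=1\n' > "$d/sysctl.conf"
    cat > "$d/iptables.rules" <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
[12:720] -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
[3:180] -A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
EOF
    audit "$d/sysctl.conf" "$d/iptables.rules" 10.8.0.0/24 eth0
    rm -rf "$d"
else
    audit "$@"
fi
```

On the real box the call would be `audit /etc/sysctl.conf /etc/iptables.rules 10.8.0.0/24 eth0`. Because the if-post-down.d script rewrites /etc/iptables.rules from the live rule set, any temporary rule present at shutdown is persisted, so the audit is worth repeating after a reboot.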