User profile for user: Kekoso
Kekoso Author
User level: Level 1
4 points

OpenVPN sharing on MacOS Catalina

Hi, i just try share my internet connection from ethernet using wifi hotspot with OpenVPN client(TunnelBlick). I have utun2 - openvpn interface, en1 - wifi ap, en0 - ethernet

I use this sh:

#!/bin/sh


sysctl -w net.inet.ip.forwarding=1
sudo pfctl -d
sudo pfctl -F all
pfctl -f ./nat-rules -e

and nat-rulse file:

First try

nat on en1 from utun2:network to any -> (en1)

Second try

nat on en1 from ! (en1) to any -> (en1:0)
rdr pass on utun2 inet proto { tcp udp } from 10.8.0.0/24 to en1 -> 10.8.0.2

Third try:

nat on $ext_in from $lan to any -> ($ext_in)
nat on $vpn_in from $lan to any -> ($vpn_in)

with all enX to ext_in and all utunX in vpn_in

But i don't get internet connection on my phone where i connect to MacBook. I don't understand how to create iptables in MacOS. Who can help? Thanks

MacBook, macOS 10.15

Posted on Jun 27, 2023 9:51 PM

Reply

Similar questions

3 replies
User profile for user: a brody
a brody
User level: Level 10
85,308 points

Jun 28, 2023 3:55 AM in response to Kekoso

I think you misunderstand the use of VPN.


A VPN is a small local network with limited internet access that is utilized by schools and businesses to limit the amount of naughty internet traffic from users. It also makes for a dedicated range of IP addresses to manage your network on that can allow for networkable printers on the same network, and shared drives on the same network.


So unless you are trying to construct a network that both your phone and your computer will be on, that has its own laws of who can access the network this configuration is likely overdoing it.


You speak of hotspot. Generally the hotspot allows your computer to access your phone's cellular data network via a WiFi signal it gives your computer. If the phone is able to browse the internet, so will the computer be able to. If the phone can't browse the internet, then the computer won't be able to, and you'll need to find a different point of access for the internet for your computer, such as a cable modem, or other local WiFi. Preferably you'd get a WiFi that has security.

Reply
User profile for user: Kekoso
Kekoso Author
User level: Level 1
4 points

Jun 28, 2023 12:31 PM in response to a brody

Hi, perhaps we did not fully understand each other, as I have a limited understanding of the English language. My macbook is connected to a wired ethernet network. It has an openvpn client installed which is connected to my VPN server. I'm trying to share the Internet from a macbook via public access, but with openVPN enabled, this does not work. Natively, Macs only support legacy VPN interfaces. OpenVPN Client use kext to work. I'm trying to route packets from a VPN interface to a wifi interface in order to distribute packets from the VPN network to other devices via wifi. Above, I indicated how I configured nat, but this did not help.

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

OpenVPN sharing on MacOS Catalina

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up