Sharing VPN connection on Linux

Most VPN servers allow a single remote session per user, which is all you need most of the times. But sometimes it is necessary to connect multiple devices to the VPN server; but using a single user account it is impossible if the server doesn’t allow it. There is a way around this problem by sharing the VPN connection from a central node to other computers by setting up an ad-hoc wireless network using the wireless modem of the central computer as a hot-spot. The idea is fairly simple provided the central computer has two network cards:

  1. Use a central computer to connect to VPN via ethernet or one of the network cards
  2. Setup a hotspot on the central computer so that devices in range can connect to it over wifi
  3. Route all traffic (inbound & outbound) from the hotspot to the ethernet/vpn connection
The diagram below illustrates this.

So how do we do this? Below is an example to setup this configuration on a Linux box. I used Linux Mint desktop in this example. Here are the steps:

  1. Install and configure hostapd application so that you can turn your wireless modem into a hotspot
  2. Install and configure a DHCP server so that IP addresses are assigned to devices connected to the hotspot
  3. Allow IP masquerading to share the ethernet/vpn connection with the devices connected to the hotspot.

Install and configure hostapd

Use the following command to install the hostapd application

Configure hostapd by editing the /etc/hostapd/hostapd.conf file as follows

You can check the wireless interface name by using the iwconfig command, on my machine the interface name was wlan0. Now you can start hostapd using the following command:

Install and configure dhcp

Install the dhcp server using the following command

Edit the /etc/dhcp/dhcpd.conf file to setup subnet by adding the following lines to the file

Edit /etc/default/isc-dhcp-server and add the wireless network interface name like below:

Configure a new interface and start the dhcp server

Allow IP masquerading

Now when the linux box is connected to the VPN, we can share this VPN connection over wifi hotspot by running following commands:

In this example the vpn interface is tun0, you can check the interface name using iwconfig command.

So now VPN sharing is setup and all your devices (computers, tablets, smart phones etc.), connected to the hot-spot of your central linux box, can access all the available network resources on VPN.

One thought on “Sharing VPN connection on Linux”

Leave a Reply

Your email address will not be published. Required fields are marked *