(As you don't mention any operating system, I'll assume that it's all Linux).
You'll need to ensure that packet forwarding is enabled on PC1. To do this permanently, add a file in /etc/sysctl.d/
(I called mine local.conf
):
net.ipv4.ip_forward = 1
You'll also want to set its iptables to do NAT, by editing /etc/iptables.rules
(assuming you have an interface up
rule to iptables-restore
the rules file):
*nat
-A POSTROUTING -o tun0 -j MASQUERADE
COMMIT
On PC2, you'll want to route traffic to your VPN via PC1. Assuming it has a single Ethernet interface, add a route
command to the up
and down
commands in your /etc/network/interfaces.d/eth0
(or to /etc/network/interfaces
if you're using a single file for all interfaces):
iface eth0 inet static
address 192.168.0.2
netmask 255.255.255.0
broadcast 192.168.0.255
pre-up iptables-restore </etc/iptables.eth0.rules
up route add -net 10.0.0.0 netmask 255.0.0.0 gw 192.168.0.1
down route del -net 10.0.0.0 netmask 255.0.0.0
I've assumed above that PC1 should be 192.168.0.1
and PC2 should be 192.168.0.2
, and that your VPN appears as 10.x.x.x
; substitute your own values as appropriate.
You'll probably want to create the route by hand the first time, and only add it to the interface file when you're happy it's doing the right thing.