Share OSX VPN with your Pi
I have a raspberry Pi that I wanted to connect to my office network for running a test. Rather than setting up a complete VPN connection on the Pi for just a one-off test, much better if the Pi shares the VPN connection from my MacBook.
Getting your MacBook to share its VPN connection is actually not difficult. First enable forwarding:
$ sudo sysctl -w net.inet.ip.forwarding=1
Next create a file called
nat-rules with the following content:
nat on ppp0 from en0:network to any -> (ppp0)
Note that my VPN runs on device
ppp0 and my MacBook is connected to my local network on device
en0. Change these to suit your situation.
Now clear your MacBook’s existing firewall rules (if you have any probably create a backup first!):
$ sudo pfctl -d # disable pf
$ sudo pfctl -F all # clear all rules
Now load the new rule you created earlier:
$ sudo pfctl -f ./nat-rules -e
Now your MacBook is set up to share its VPN connection. On your Pi (or any other device you want to give access to your VPN) add the appropriate route:
$ sudo ip route add 10.0.0.0/8 via 192.168.1.100
Here my office uses IPs in the range
10.0.0.0/8 while my MacBook has IP
192.168.1.100 on my local network.
To turn VPN sharing off, you can simply disable forwarding and flush pf as follows:
$ sudo sysctl -w net.inet.ip.forwarding=0
$ sudo pfctl -d
For more info about pf see the pf manual.