linux – Routing between two interfaces on Raspberry


I do have these physical interfaces on my PI

eth0      Link encap:Ethernet  HWaddr b8:27:eb:8b:d9:d4
          inet addr:192.168.2.42  Bcast:192.168.2.255  Mask:255.255.255.0

wlan1     Link encap:Ethernet  HWaddr b8:27:eb:de:8c:81
          inet addr:192.168.10.1  Bcast:192.168.10.255  Mask:255.255.255.0

A tunnel is built up with VPN to 192.168.1.100, which creates an additional tunnel interface on eth0

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:192.168.1.248  P-t-P:192.168.1.248  Mask:255.255.255.255
          inet6 addr: fe80::f2a9:c54f:ad3f:2296/64 Scope:Link

wlan1 is WLAN Access point.

Routing is enabled:

pi@raspberrypi:/ $ cat /proc/sys/net/ipv4/ip_forward
1

Routes are set up as following:

pi@raspberrypi:/ $ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         *               0.0.0.0         U     0      0        0 tun0
xxxxxxxxx.dip0. fritz.box       255.255.255.255 UGH   0      0        0 eth0
192.168.2.0     *               255.255.255.0   U     202    0        0 eth0
192.168.10.0    192.168.10.1    255.255.255.0   UG    0      0        0 wlan1

Due to the first answer here I added also

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i tun0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan1 -o tun0 -j ACCEPT

to /etc/iptables.ipv4.nat

Questions:

Clients in the WIFI on WLAN1 having IP addresses from 192.168.10.0/24 (default gw = 192.168.10.1 of course) can connect to the PI on their interface.

But still neither routing to the other network on the PI (192.168.2.0/24) nor other addresses is working.

So my target, routing all traffic over the tunnel, is not possible.

Any ideas?

Thanks

BoB
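
A way to cross-check the rules against the routing table from the post (added example, not part of the original post): for every interface the routing table can send wlan1 traffic out of, it reports whether a FORWARD accept rule, a return rule and a MASQUERADE rule exist. The rule and route text is copied from the post with the `sudo iptables` prefix and the masked host route removed; the function names are made up for this example.

```python
import shlex

# Copied from the post; the masked host route to the VPN server is left out.
RULES = """\
-t nat -A POSTROUTING -o eth0 -j MASQUERADE
-A FORWARD -i tun0 -o wlan1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i wlan1 -o tun0 -j ACCEPT
"""
ROUTES = """\
default         *               0.0.0.0         U     0      0        0 tun0
192.168.2.0     *               255.255.255.0   U     202    0        0 eth0
192.168.10.0    192.168.10.1    255.255.255.0   UG    0      0        0 wlan1
"""


def parse_rules(text):
    """Parse iptables argument lines made only of option/value pairs."""
    rules = []
    for line in text.splitlines():
        tokens = shlex.split(line)
        if tokens:
            rule = {"-t": "filter"}  # iptables uses the filter table by default
            rule.update(zip(tokens[::2], tokens[1::2]))
            rules.append(rule)
    return rules


def egress_interfaces(routes, lan_if):
    """Interfaces the routing table can send forwarded LAN traffic out of."""
    ifaces = {line.split()[-1] for line in routes.splitlines() if line.strip()}
    return sorted(ifaces - {lan_if})


def has_rule(rules, want):
    """True if some rule carries every requested option/value pair."""
    return any(all(r.get(k) == v for k, v in want.items()) for r in rules)


def audit(rules, routes, lan_if="wlan1"):
    """Per egress interface: is there a forward, a return and a NAT rule?"""
    fwd = {"-t": "filter", "-A": "FORWARD", "-j": "ACCEPT"}
    nat = {"-t": "nat", "-A": "POSTROUTING", "-j": "MASQUERADE"}
    return {out_if: {
        "forward": has_rule(rules, {**fwd, "-i": lan_if, "-o": out_if}),
        "return": has_rule(rules, {**fwd, "-i": out_if, "-o": lan_if}),
        "masquerade": has_rule(rules, {**nat, "-o": out_if}),
    } for out_if in egress_interfaces(routes, lan_if)}


if __name__ == "__main__":
    for iface, checks in audit(parse_rules(RULES), ROUTES).items():
        print(iface, checks)
```

For the post's configuration this reports a MASQUERADE rule only for eth0, while the FORWARD rules and the default route point at tun0. A missing FORWARD rule matters only when the chain policy is DROP, and a missing MASQUERADE rule matters only when the far side has no route back to 192.168.10.0/24; the post shows neither.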