Here in China, we are not getting public IPV4 addresses from internet providers any more since they are running out of them. So I will need a workaround to access home network from outside, and it occurred to me that an Openvpn client connecting to a forward server might help solve the problem.After much tinkering with various options, I connected successfully to the Openvpn server in my office, which has an assigned internet-facing IP address. But I cannot ping any devices connecting to my office's router, not to mention streaming video or downloading files.
it turned out that I had not pushed the route rules to the connected clients, and adding a push line in openvpn configuration moved me closer to a working setup. Yet I was still one step away from success -- the application of a SNAT postrouting iptables rule .
iptables -t nat -A POSTROUTING -s 10.10.10.0/24 -j SNAT --to-source 192.168.14.123 #192.168.14.123 is the local ip address of the Openvpn server.
this is half the battle and I will explore how to forward traffic from external devices to the home openvpn client in the following days. Hopefully my enthusiasm will not fade away.