Android VPN Tethering

By default you’re not able to do VPN tethering via WiFi hotspot on Android devices. However, if you have root access to your device, you can change this by configuring a few iptables rules.

The easiest way to do this is to create a script file on your device and add the following lines to the file:

/system/bin/iptables --flush
/system/bin/iptables -A POSTROUTING -o tun0 -j MASQUERADE -t nat
/system/bin/iptables -A FORWARD -i tun0 -o wlan0 -m state --state RELATED,ESTABLISHED -j RETURN
/system/bin/iptables -A FORWARD -i wlan0 -o tun0 -m state --state INVALID -j DROP
/system/bin/iptables -A FORWARD -i wlan0 -o tun0 -j RETURN

Then you can use the Script manager application to run the script manually or to configure the script to run at boot (iptables changes are not permanent and need to be reapplied after the device is restarted).

Script manager configuration screen: