colejustin posted a topic in Lan TurtleBuilding on the idea of having access to all resources in a target network using OpenVPN, is there a way to catch reverse shells through the LAN Turtle coming back to Metasploit that is connected to the same VPN? Scenario: I have planted the LAN Turtle in a client's network for a pen test engagement. I can ping targets in the client network without any issues, even RDP to some of them. But if I try to use an exploit from Metasploit with a meterpreter reverse shell payload, I don't get the shell back. I'm guessing this is because the clients in the target network are not aware of the route back to my Kali box that sits on the VPN. I've also tried to set the internal IP address of the LAN Turtle (that it picks up from the client's DHCP server) as the LHOST, but I don't think the LAN Turtle knows what to do with the reverse connection once it gets it. Is there some sort of iptables trickery that I can use to forward to reverse shell back to my Kali box that's connected to the VPN? Or is there another way altogether to get the reverse shell back?