Trying to get a VPN to work within my container (but also have it accessible on the LAN)

proxmoxf33r

New Member
Jan 12, 2015
I have Proxmox VE installed and have an Ubuntu 13.10 OpenVZ container running (192.168.1.106 on my lan).

I want to be able to access the container using the local address, BUT I also want all outgoing traffic destined for outside my lan to go through a VPN.

I've found some tutorials online, but they mostly deal with sending ALL traffic through the VPN without having another network interface for my local traffic. If it matters, I'm using OpenVPN with the install script from Private Internet Access (PIA). I can provide the OpenVPN configuration files here if it matters.

Even after following all the instructions from tutorials (changing the IPTABLES in the vz.conf, making sure 'tun' is loaded on the host and changing the configuration of the container to use the same block), I'm still having issues running 'openvpn ./config.conf'.
 
Get rid of the venet. Add 2 veth devices. Statically assign their addresses inside the VM. Use the VPN connected interface to assign a gateway. Do not give the internal IP/device a gateway.
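
An added example, not part of the original thread: a shell check that a container's routing table matches the layout asked for above (LAN reached directly, everything else leaving via the VPN interface). It goes beyond the reply by also recognising the two /1 routes that OpenVPN's redirect-gateway def1 installs; the function name, eth0, the /24 LAN mask, the 192.168.1.1 gateway and the 203.0.113.10 server address are assumptions used in constructed sample tables.

```shell
#!/bin/sh
# Added example (not from the thread). Usage: ip route show | vpn_route_audit tun1
# Prints: ok       = non-LAN traffic can only leave via the VPN interface
#         fallback = VPN routes win now, but a default route on another
#                    interface would carry traffic if the tunnel dropped
#         leak     = non-LAN traffic is not pinned to the VPN interface
vpn_route_audit() {
    awk -v vpn="$1" '
    {
        dev = ""
        for (i = 1; i < NF; i++) if ($i == "dev") dev = $(i + 1)
        if ($1 == "default" || $1 == "0.0.0.0/0") {
            if (dev == vpn) vpn_default = 1
            else other_default = 1
        }
        # "redirect-gateway def1" adds two /1 routes that are more
        # specific than any default route, so together they override it.
        if ($1 == "0.0.0.0/1" && dev == vpn)   low_half = 1
        if ($1 == "128.0.0.0/1" && dev == vpn) high_half = 1
    }
    END {
        # Two competing default routes are decided by metric; treat as leak.
        covered = (low_half && high_half) || (vpn_default && !other_default)
        if (!covered)           print "leak"
        else if (other_default) print "fallback"
        else                    print "ok"
    }'
}

# Constructed sample tables. Assumed values: eth0, a /24 LAN mask, gateway
# 192.168.1.1, and 203.0.113.10 standing in for the VPN server address.
SAMPLE_LAN_ONLY='default via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.106'

SAMPLE_DEF1='0.0.0.0/1 via 10.151.1.5 dev tun1
default via 192.168.1.1 dev eth0
10.151.1.5 dev tun1 proto kernel scope link src 10.151.1.6
128.0.0.0/1 via 10.151.1.5 dev tun1
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.106
203.0.113.10 via 192.168.1.1 dev eth0'

SAMPLE_NO_LAN_GW='default via 10.151.1.5 dev tun1
10.151.1.5 dev tun1 proto kernel scope link src 10.151.1.6
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.106
203.0.113.10 via 192.168.1.1 dev eth0'

for t in "$SAMPLE_LAN_ONLY" "$SAMPLE_DEF1" "$SAMPLE_NO_LAN_GW"; do
    printf '%s\n' "$t" | vpn_route_audit tun1
done
```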
 
Here's a screenshot of my network connections in the Proxmox VE web console:

Screen Shot 2015-01-30 at 3.55.31 PM.png

I removed the venet and added another veth.

Then, I ran:

CTID=101
vzctl set $CTID --devnodes net/tun:rw --save
vzctl set $CTID --devices c:10:200:rw --save
vzctl set $CTID --capability net_admin:on --save
vzctl exec $CTID mkdir -p /dev/net
vzctl exec $CTID mknod /dev/net/tun c 10 200
vzctl exec $CTID chmod 600 /dev/net/tun

on the host to allow the passthrough.

Now, when I try to run "openvpn ./config.ovpn", I get this error and the container seems to freeze up (I'm connecting via ssh). I need to reboot the container to regain control.

root@host:/etc/openvpn# openvpn ./config.ovpn
Fri Jan 30 15:42:26 2015 OpenVPN 2.3.2 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [eurephia] [MH] [IPv6] built on Jul 12 2013
Enter Auth Username:
Enter Auth Password:
Fri Jan 30 15:42:57 2015 UDPv4 link local: [undef]
Fri Jan 30 15:42:57 2015 UDPv4 link remote: [AF_INET]ip:port
Fri Jan 30 15:42:57 2015 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Jan 30 15:42:57 2015 [Private Internet Access] Peer Connection Initiated with [AF_INET]ip:port
Fri Jan 30 15:42:59 2015 TUN/TAP device tun1 opened
Fri Jan 30 15:42:59 2015 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Jan 30 15:42:59 2015 /sbin/ip link set dev tun1 up mtu 1500
Fri Jan 30 15:42:59 2015 /sbin/ip addr add dev tun1 local 10.151.1.6 peer 10.151.1.5
RTNETLINK answers: No such device
Fri Jan 30 15:42:59 2015 ERROR: Linux route add command failed: external program exited with error status: 2

Any ideas? I'm a total newcomer to this so it's likely something dumb that I'm missing.
 
