VPN in a jail
Posted: 11 Oct 2014 14:51
Hi all,
After a LOT of reading, I'm struggling to find a way to route Internet network traffic over VPN in a jail - I would like confirmation if this is possible or not? Has anyone successfully been able to do this?
My setup is two jails on host server - one jail has Sabnzbd and Transmission, the other jail has Plex. This is configured using the TheBrig manager. I would like to route all traffic in the Sabnzbd jail over VPN, whilst the remainder over regular connection.
I've tried running OpenVPN in the jail, but get the following issue:
Sat Oct 11 12:44:10 2014 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Oct 11 12:44:10 2014 Could not retrieve default gateway from route socket:: No such process (errno=3)
Sat Oct 11 12:44:10 2014 ROUTE: default_gateway=UNDEF
Sat Oct 11 12:44:10 2014 TUN/TAP device /dev/tun0 opened
Sat Oct 11 12:44:10 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Sat Oct 11 12:44:10 2014 /sbin/ifconfig tun0 172.20.20.100 172.20.20.100 mtu 1500 netmask 255.255.252.0 up
ifconfig: ioctl (set mtu): Operation not permitted
ifconfig: up: permission denied
Sat Oct 11 12:44:10 2014 FreeBSD ifconfig failed: external program exited with error status: 1
Sat Oct 11 12:44:10 2014 Exiting due to fatal error
I think the above is because jails are not intended (for security reasons) to have permissions to change routing tables.
I've then tried to run OpenVPN on the host server and whilst this works for the host - jail traffic no longer is able to connect to Internet. I believe this is similar to post: viewtopic.php?p=30755
Is there anything that can be done to cater for my scenario? I may abandon the idea of using jails if I cannot route traffic over VPN. Running everything on the host server is less desirable, but may be the only option unless anyone can think of a way round.
Thanks