OpenVZ Forum


Home » General » Support » [SOLVED]Adding openvpn support to openvz
[SOLVED]Adding openvpn support to openvz [message #40268] Sun, 08 August 2010 21:15 Go to next message
rubikz is currently offline  rubikz
Messages: 4
Registered: August 2010
Junior Member
Hi,

On the HN, tun module is loaded :

# lsmod | grep tun
tun                    10148  2 vzrst,vzcpt


The container use the tun/tap device (http://www.biogeogen.com/?p=43) :

# ls -l /dev/net
total 0
crw------- 1 root root 10, 200 Aug  8 19:21 tun


OpenVPN is configured inside of the virtual node :

# egrep -v "^$|^#|^;" server.conf
port 443
proto tcp
dev tun
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
user openvpn
group openvpn
persist-key
persist-tun
status openvpn-status.log
verb 3


However, when I run "openvpn server.conf" I get this error:

Sun Aug 8 21:12:14 2010 OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Sep 18 2008
Sun Aug 8 21:12:14 2010 Diffie-Hellman initialized with 1024 bit key
Sun Aug 8 21:12:14 2010 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Sun Aug 8 21:12:14 2010 TLS-Auth MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sun Aug 8 21:12:14 2010 ROUTE default_gateway=192.0.2.1
Sun Aug 8 21:12:14 2010 Note: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)
Sun Aug 8 21:12:14 2010 Note: Attempting fallback to kernel 2.2 TUN/TAP interface
Sun Aug 8 21:12:14 2010 Cannot allocate TUN/TAP dev dynamically
Sun Aug 8 21:12:14 2010 Exiting

How can I fix it ?

Thanks in advance for any help

[Updated on: Mon, 09 August 2010 12:37]

Report message to a moderator

Re: Adding openvpn support to openvz [message #40271 is a reply to message #40268] Sun, 08 August 2010 22:10 Go to previous messageGo to next message
curx
Messages: 739
Registered: February 2006
Location: Nürnberg, Germany
Senior Member
Hi,

-> http://wiki.openvz.org/VPN_via_the_TUN/TAP_device
-> http://openvpn.net/index.php/access-server/howto-openvpn-as/ 186-how-to-run-access-server-on-a-vps-container.html

Bye,
Thorsten

Report message to a moderator

Re: Adding openvpn support to openvz [message #40287 is a reply to message #40271] Mon, 09 August 2010 12:36 Go to previous messageGo to next message
rubikz is currently offline  rubikz
Messages: 4
Registered: August 2010
Junior Member
Curx,

Thank you so much for the help!

Report message to a moderator

Re: Adding openvpn support to openvz [message #43620 is a reply to message #40268] Sun, 02 October 2011 18:23 Go to previous message
Rene is currently offline  Rene
Messages: 40
Registered: September 2006
Member
I've followed all the instructions but finally stuck with this error:

# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables: Unknown error 4294967295


This problem was reported here for another reason. I have applied the suggested fix, adding suggested modules and increasing numiptent to 1000, but it still doesn't solve the problem.

I'm stuck. Help.

[Updated on: Thu, 06 October 2011 15:53]

Report message to a moderator

Previous Topic: 1 machine multiple disks
Next Topic: capabilities
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Sun Nov 17 15:10:19 GMT 2024

Total time taken to generate the page: 0.02811 seconds
Powered by FUDforum Powered by Virtuozzo Containers