Date:      Fri, 23 Oct 2015 15:37:56 +0000
From:      James Lodge <James@Lodge.me.uk>
To:        "freebsd-jail@freebsd.org" <freebsd-jail@freebsd.org>
Subject:   Freebsd 10.1 - Ezjail - OpenVPN - Tun Interface
Message-ID:  <VI1PR06MB1037B08D9BEB7B207C602F43F9260@VI1PR06MB1037.eurprd06.prod.outlook.com>

Hello all,


I'm trying to build a jail on FreeBSD 10.1 using ezjail in order to run OpenVPN. I'm not using vimage and don't particularly want to but I'm having an issue with networking.


OpenVPN daemon is up and running and I can connect successfully as a client. I receive an IP address as expected, but I cannot route traffic to/from client/server. The routing table on the client (which is a Windows machine) looks fine so I assume the issue is on the server side. I have a tun interface created on the host and exposed to the jail via devfs rules. The IP address on the tun interface is configured on the host and not from the jail. I can ping the tun interface IP from the host and the jail, but not from the client when connected.


Client---------public IP --------- lo1 (Jail alias Interface)------tun0 (OpenVPN Interface)
10.8.06        x.x.x.x             172.16.1.8                      10.8.0.1



OpenVPN Jail Routing Table:

Internet:
Destination        Gateway            Flags      Netif Expire
172.16.1.8         link#4             UH          lo1

Jail Host Routing Table:
Internet:
Destination        Gateway            Flags      Netif Expire
default            x.x.0.1            UGS         vtnet0
10.8.0.0           10.8.0.2           UGS         tun0
10.8.0.1           link#5             UHS         lo0
10.8.0.2           link#5             UH          tun0
x.x.0.0/18         link#1             U           vtnet0
x.x.x.x            link#1             UHS         lo0
localhost          link#3             UH          lo0
172.16.1.1         link#4             UH          lo1
172.16.1.2         link#4             UH          lo1
172.16.1.3         link#4             UH          lo1
172.16.1.4         link#4             UH          lo1
172.16.1.5         link#4             UH          lo1
172.16.1.6         link#4             UH          lo1
172.16.1.7         link#4             UH          lo1
172.16.1.8         link#4             UH          lo1

Client Routing Table:

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.8.0.5         10.8.0.6     20
         10.8.0.1  255.255.255.255         10.8.0.5         10.8.0.6     20
         10.8.0.4  255.255.255.252         On-link          10.8.0.6    276
         10.8.0.6  255.255.255.255         On-link          10.8.0.6    276
         10.8.0.7  255.255.255.255         On-link          10.8.0.6    276



I'm a little stumped as to how to troubleshoot the issue so any help much appreciated.


James





