OpenVPN in LXC

Tonight we’re going to have to look at setting up OpenVPN and LXC, commonly referred to as Linux Container. Linux containers are a lightweight solution for virtualizing operating systems and can often be used with very little resource overhead, sometimes even sharing resources with other containers on the virtualization host.

First we’re going to need to set up a container using the Proxmox web interface. If you not know how to do this follow this video:

Now that we have set up a new container, we can now open the shell for our Proxmox server. You can do this by clicking on the server name in the left-hand bar and then moving to the right hand top corner, you should see a button called “shell”.

With this shell terminal open we can start entering commands to begin configuring our container to be used with OpenVPN:

# nano /etc/pve/lxc/[container number].conf

Now that you're inside of the nano text editor we need to modify the configuration file with the lines below

lxc.cgroup.devices.allow: c 10:200 rwm
lxc.mount.entry: /dev/net dev/net none bind,create=dir

Now you can save the file and exit the nano text editor

Enter the command below

# chown 100000:100000 /dev/net/tun

This command will reconfigure the owner of the file to allow and unplugged which contain access after it begins running

We can check that we have configure the permissions correctly for this fine by running the command below

# ls -l /dev/net/tun

The output should look something like this
crw-rw-rw- 1 100000 100000 10, 200 Dec 22 13:26 /dev/net/tun

Now it is time to return to your Proxmox web interface and start the container so we can start the installation process of OpenVPN

With our newly configured container running it is time to click on the console button and begin setting up openVPN by running the commands below

# apt update

# apt upgrade -y

# apt install openvpn git

# git clone

# cd openvpn-install

# bash

After you follow the onscreen tutorial for the steps your new VPN client configuration file will be created this configuration file can be found in the /root directory

There are many different ways to transfer this file to your client but one way I like if using SSH is the SCP command

If you choose to use SCP command your command will be formatted like the one below

# scp [user name]@[ip of lxc]: [path of file(/root)] [path to store file]

Leave a Reply