I've recently migrated my openvpn server from a KVM VM to into an LXC. I did this because of the hardware constrains of my server and the VPN server blocked up RAM it never actually use. The migration of openvpn went in generel really well. Just copy over all the contents from /etc/openvpn and configure iptables and open the correct ports in the firewall.

However I found out that an LXC guest by default doesn't have access to the TUN device. To solve this on my Proxmox server I had to add this line to the LXC config in /etc/pve/lxc/[VM-ID].conf

lxc.cgroup.devices.allow = c 10:200 rwm

Make sure that you restart the container after you've added this line. Inside the container I had to add this code to the file /etc/rc.local

if ! [ -d /dev/net ];then
mkdir /dev/net
fi
if ! [ -c /dev/net/tun ]; then
mknod /dev/net/tun c 10 200
chmod 666 /dev/net/tun
fi

After this configuration the openvpn server worked without a problem.

Resources

Next Post Previous Post