OpenVPN in LXC

This guide quickly describes how to connect a Linux container as VPN client with OpenVPN.

There are some settings on the host's side required, because OpenVPN requires a specific tun interface.

  1. Edit the config of the container that should get VPN functionalities
    nano /etc/pve/lxc/<container-id>.conf
  2. Add this two lines to the config:
    lxc.cgroup2.devices.allow: c 10:200 rwm
    lxc.mount.entry: /dev/net dev/net none bind,create=dir
  3. After saving change the owner of the device:
    chown 100000:100000 /dev/net/tun
  4. You can check the permissions with:
    ls -l /dev/net/tun

    It should print:

    crw-rw-rw- 1 100000 100000 10, 200 Dec 22 13:26 /dev/net/tun
  5. Finished! You can now start the container and connect to the OpenVPN server
    openvpn --config <config-file>.ovpn

Sourced from pve.proxmox.com - OpenVPN in LXC