OpenVPN is an open source software application that implements virtual private network (VPN) techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses a custom security protocol that utilizes SSL/TLS for key exchange. It is capable of traversing network address translators (NATs) and firewalls. It was written by James Yonan and is published under the GNU General Public License (GPL).
Preparing host node
Preparing the Proxmox VE to allow the tun network interface that OpenVPN requires.
Login to your node server and edit your vz.conf like this:
IPTABLES="iptable_nat ipt_REJECT ipt_tos ipt_limit ipt_multiport iptable_filter iptable_mangle ipt_TCPMSS ipt_tcpmss ipt_ttl ipt_length ipt_LOG ip_conntrack ip_conntrack_ftp ip_conntrack_irc ipt_state ipt_conntrack ipt_helper ip_nat_ftp ip_nat_irc ipt_state"
Make sure the tun module has been already loaded on the hardware node:
lsmod | grep tun
If it is not there, use the following command to load tun module:
ref: VPN via the TUN/TAP device
Now you must force reload or restart your vz to load the new modules:
# /etc/init.d/vz restart
or force reload
# /etc/init.d/vz force-reload
Installing the OS
For this tutorial I chose OpenVZ container with Ubuntu 11.04 64-bit OS
Configuring and preparing the VM
You need first to connect via the VNC console and edit the Network configuration of the VM like this:
auto eth0 iface eth0 inet static address 172.16.54.250 netmask 255.255.255.0 gateway 172.16.54.1
Then restart your network:
# /etc/init.d/networking restart
On the host node (proxmox), connect to it via ssh and run the following
ip route add 172.16.54.250 dev vmbr0 vzctl set CTID --devnodes net/tun:rw --save vzctl set CTID --devices c:10:200:rw --save vzctl set CTID --capability net_admin:on --save vzctl exec CTID mkdir -p /dev/net vzctl exec CTID mknod /dev/net/tun c 10 200 vzctl exec CTID chmod 600 /dev/net/tun
Replace CTID by the container ID!
Now that you are connected to the LAN, you need to update and upgrade the VM before installing OpenVPN.
apt-get update apt-get upgrade
Very easy, do this:
apt-get install openvpn openssl
I will not cover configuring OpenVPN for your specific needs here. OpenVPN has a good document outlining how to do that.