Two jails use same VPN

[Bashern]

I have two jails:

plexmediaserver_1 on 10.0.0.12
transmission_1 on 10.0.0.13

I have OpenVPN connected to AirVPN so I can tunnel out and forward a port. It is currently set up in the plex jail (Unlimited Verizon Wireless double NAT, I live in the sticks)

How can I route the transmission jail traffic through the plex jail's VPN?

 

[Bashern]

OpenVPN interface is tun0 in the plex jail.

Code:

root@plexmediaserver_1:/ # ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 02:b8:01:00:09:0b
        inet 10.0.0.12 netmask 0xffffff00 broadcast 10.0.0.255
        nd6 options=9<PERFORMNUD,IFDISABLED>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        inet 10.4.29.234 --> 10.4.0.1 netmask 0xffff0000
        nd6 options=9<PERFORMNUD,IFDISABLED>
        Opened by PID 89088

Looks like rc.conf needs the following:
cloned_interfaces="tun"
gateway_enable="YES"
firewall_enable="YES"
firewall_script="/usr/local/etc/ipfw.rules"

Then some firewall rules...?

 

[Bashern]

This thread goes in to detail on setting up a jail as a gateway.

 

[Bashern]

As a workaround I installed transmission and plex in the same jail. I would certainly be interested if someone had an answer to my OP.

 

[Bashern]

Ok, so my original question still stands. My next step is to setup a remote access VPN so I can access my CIFS shares and web services remotely on my laptop. Basically THIS guide. However, this guide requires a static IP or DDNS service and port forwarding through the router. Since I am behind a verizon wireless NAT, I can not forward ports. However, I can use AirVPN to tunnel through the verizon wireless NAT and forward ports, which I already do for web services in my plex/transmission jail. AirVPN even gives a DDNS for forwarded ports. So this got me thinking:

"Dawg, I heard you like VPNs, so I put a VPN in your VPN!"

So I would like to set up an OpenVPN server jail, but use the plex/transmission jail's OpenVPN client for tunneling to the interwebs. That way I can VPN from my laptop, through the AirVPN, and to the OpenVPN jail in the new server.

So how exactly can I modify THIS guide to use my other plex/transmission jail's AirVPN?

 

[Bashern]

Interesting method here, I'll try it tomorrow:

https://forums.freebsd.org/threads/openvpn-client-in-a-jail.38287/

Not the clean solution I want, it involves running OpenVPN on the host. But from there I should be able to share its connection with jails.

 

[Limitedheadroom]

How did you get on with this? Trying to work out the best approach to run both transmission & sabnzbd through a VPN at the moment.


Sent from my iPhone using Tapatalk