How do I access/create a bridge interface inside a VIMAGE jail?

Status
Not open for further replies.

qwertymodo

Contributor
Joined
Apr 7, 2014
Messages
144
I'm trying to set up a bridged OpenVPN server inside a VIMAGE jail, but I'm having issues with creating the actual bridge. When I try creating the bridge0 interface, it tells me

Code:
# ifconfig bridge0 create
ifconfig: SIOCIFCREATE2: File exists


I'm assuming this is referring to the FreeNAS bridge0 interface, which would make sense because that obviously does exist, but if I try to add epair2b to bridge0, it then tells me:
Code:
# ifconfig bridge0 adm epair2b
ifconfig: interface bridge0 does not exist


So... apparently I have a quantum bridge interface >_<

Then I realized that maybe trying to add epair2b to bridge0 wasn't the right way to go, so I created a new bridge, bridge1, and added epair2b to THAT, and it worked... until I restarted the jail, at which point, bridge1 behaved exactly like bridge0, saying that it both did and didn't exist. So, now, I'm really confused. If I want to create a bridged OpenVPN server inside a VIMAGE jail, how do I go about actually creating/accessing the bridge interface?
 

DrKK

FreeNAS Generalissimo
Joined
Oct 15, 2013
Messages
3,630
Sir,

This whole issue of getting OpenVPN to work in a FreeNAS jail is one of the classic problems. I myself (not an idiot, at least not usually) attempted for several days, and eventually gave up. The interface/networking issues are exceptionally challenging, and in the end, it was not worth it. Josh Paetzle's brother (John? Tom? I forget his name) allegedly has a guide somewhere on the internet that tells you how to set it up IN THE APPLIANCE itself (not a jail), and allegedly it works, but many people (pretty much anyone with a last name not "Paetzle") don't think it's a good idea to make these changes in the appliance itself.

What winds up happening, if they still insist on doing it, and there are no other (e.g., Linux) servers in the LAN:

1) Guys with a pfSense box just use the very well integrated OpenVPN functionality inside that, or
2) This is a piece of cake on a Windows box that they might have on 24/7
 

qwertymodo

Contributor
Joined
Apr 7, 2014
Messages
144
Yeah, I don't want to do it in the FreeNAS side of things, and I actually already have a routed connection working inside a jail, now I just want to figure out the bridged version instead.

 

Whattteva

Wizard
Joined
Mar 5, 2013
Messages
1,824
I just set up OpenVPN in the jail (9.1.1.RELEASE) a week ago or so and it was actually a piece of cake. I'm using a routed setup (tun, not tap) though, so that may be the reason why I had no real issues.

Really, the only "extra" thing I had to do other than installing and setting up config files and certs were two things:
Code:
Set up IP forwarding.
Set up a static route on my router.


That's all there was to it. To be honest, routed mode is a more robust and elegant solution than a bridged setup anyway, and it's not too hard to set up. People on the forums can probably help you through certain things, though don't expect us to explain in gritty detail how IP networking works, 'cause most people probably just don't have the time for that.
 

qwertymodo

Contributor
Joined
Apr 7, 2014
Messages
144
Yeah, like I said, I already have a routed connection working. I'm trying to get bridged.

 

Whattteva

Wizard
Joined
Mar 5, 2013
Messages
1,824
Why exactly do you want bridged? With the proper setup, you could pretty much get anything you want in bridged setup in routed setup.
 

qwertymodo

Contributor
Joined
Apr 7, 2014
Messages
144
I won't have access to the router, so I can't add the static route, and NAT breaks a lot of things.

 

Whattteva

Wizard
Joined
Mar 5, 2013
Messages
1,824
> I won't have access to the router, so I can't add the static route, and NAT breaks a lot of things.

Lol, sounds like you're trying out something fishy (at work maybe?). Whatever you're trying to do, I hope you don't get in trouble for it, lol.
 

qwertymodo

Contributor
Joined
Apr 7, 2014
Messages
144
Nothing fishy, and I CAN have changes made (that's how I got port forwarding enabled), but it's a pain and takes forever for them to get around to it so I'd rather not have to rely on that.

 