I need your help to share an **OpenVPN** connection from a FreeNAS jail.
This is the situation:
1. I already created a jail named **OpenVPN**. Inside this jail, there is an OpenVPN client successfully connected to NordVPN. And this is the result of ifconfig inside **OpenVPN**:

```
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 1e:6f:65:9b:c8:80
        hwaddr 02:2b:ff:00:0a:0b
        inet 192.168.86.19 netmask 0xffffff00 broadcast 192.168.86.255
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
        options=80000<LINKSTATE>
        inet 10.8.8.8 --> 10.8.8.1 netmask 0xffffff00
        nd6 options=1<PERFORMNUD>
        groups: tun
        Opened by PID 2574
```

2. And this is my /etc/rc.conf from the **OpenVPN** jail:

```
cron_flags="$cron_flags -J 15"
# Disable Sendmail by default
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
# Run secure syslog
syslogd_flags="-c -ss"
# Enable IPv6
ipv6_activate_all_interfaces="YES"
hostname="OpenVPN"
ifconfig_epair0b="SYNCDHCP"
openvpn_enable="YES"
openvpn_if="tun"
openvpn_configfile="/usr/local/etc/openvpn/default.conf"
openvpn_dir="/usr/local/etc/openvpn/"
cloned_interfaces="tun"
gateway_enable="YES"
firewall_enable="YES"
firewall_script="/usr/local/etc/ipfw.rules"
sysctl net.inet.ip.forwarding=1
kldload ipfw.ko
kldload ipfw_nat.ko
```

3. And this is the result of ifconfig from the **FreeNAS** host:

```
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
        ether 4e:f1:31:df:f8:90
        hwaddr 4e:f1:31:df:f8:90
        nd6 options=1<PERFORMNUD>
        media: Ethernet autoselect
        status: no carrier
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
        ether 4e:f1:31:df:f8:80
        hwaddr 4e:f1:31:df:f8:80
        nd6 options=1<PERFORMNUD>
        media: Ethernet autoselect
        status: no carrier
em2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
        ether 4e:f1:31:df:f8:b0
        hwaddr 4e:f1:31:df:f8:b0
        nd6 options=1<PERFORMNUD>
        media: Ethernet autoselect
        status: no carrier
em3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
        ether 4e:f1:31:df:f8:a0
        hwaddr 4e:f1:31:df:f8:a0
        inet 0.0.0.0 netmask 0xff000000 broadcast 255.255.255.255
        nd6 options=1<PERFORMNUD>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
re0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=82099<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
        ether c1:f6:56:9c:85:aa
        hwaddr c1:f6:56:9c:85:aa
        inet 192.168.86.200 netmask 0xffffff00 broadcast 192.168.86.255
        nd6 options=1<PERFORMNUD>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: Attached to HomeAssistant
        options=80000<LINKSTATE>
        ether 00:db:f2:37:8f:00
        hwaddr 00:db:f2:37:8f:00
        nd6 options=1<PERFORMNUD>
        media: Ethernet autoselect
        status: active
        groups: tap
        Opened by PID 1832
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 20:f4:56:1a:d2:00
        nd6 options=1<PERFORMNUD>
        groups: bridge
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vnet0.3 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 13 priority 128 path cost 2000
        member: vnet0.2 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 12 priority 128 path cost 2000
        member: tap2 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 11 priority 128 path cost 2000000
        member: tap1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 10 priority 128 path cost 2000000
        member: vnet0.1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 9 priority 128 path cost 2000
        member: re0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 5 priority 128 path cost 20000
        member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 7 priority 128 path cost 2000000
vnet0.1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: associated with jail: OpenVPN as nic: epair0b
        options=8<VLAN_MTU>
        ether e1:f6:56:b9:8c:f7
        hwaddr 20:6e:0d:00:90:a0
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
tap1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: Attached to PiHole
        options=80000<LINKSTATE>
        ether 00:db:92:38:8f:10
        hwaddr 00:db:92:38:8f:10
        nd6 options=1<PERFORMNUD>
        media: Ethernet autoselect
        status: active
        groups: tap
        Opened by PID 2338
tap2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: Attached to OpenVPN
        options=80000<LINKSTATE>
        ether 00:db:46:39:8f:20
        hwaddr 00:db:46:39:8f:20
        nd6 options=1<PERFORMNUD>
        media: Ethernet autoselect
        status: active
        groups: tap
        Opened by PID 2590
vnet0.2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: associated with jail: plexmediaserver as nic: epair0b
        options=8<VLAN_MTU>
        ether e1:f6:56:d3:b6:aa
        hwaddr 20:6e:0d:00:c0:a0
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
vnet0.3: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: associated with jail: qbittorrent as nic: epair0b
        options=8<VLAN_MTU>
        ether ca:f6:56:b5:ac:5e
        hwaddr 20:6e:0d:00:d0:a0
        nd6 options=1<PERFORMNUD>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
```

4. And this is /etc/rc.conf from the **FreeNAS** host:

```
hostname="freenas"
openssh_enable="YES"
sendmail_enable="NONE"
background_fsck="NO"
fsck_y_enable="YES"
synchronous_dhclient="YES"
ntpd_enable="YES"
ntpd_sync_on_start="YES"
vmware_guest_vmblock_enable="YES"
vmware_guest_vmhgfs_enable="YES"
vmware_guest_vmmemctl_enable="YES"
devfs_system_ruleset="usbrules"
clear_tmp_X="NO"
geli_autodetach="NO"
savecore_enable="NO"
dumpdev="NO"
dumpdir="/data/crash"
early_kld_list="dtraceall geom_multipath"
kld_list="hwpmc t3_tom t4_tom"
dbus_enable="YES"
mdnsd_enable="YES"
performance_cpu_freq="HIGH"
local_startup="/etc/ix.rc.d /usr/local/etc/rc.d"
early_late_divider="*"
root_rw_mount="YES"
syslogd_enable="NO"
syslog_ng_enable="YES"
nginx_enable="YES"
nginx_login_class="nginx"
devd_flags="-q"
cleanvar_enable="NO"
openssh_skipportscheck="YES"
inadyn_flags="--continue-on-error"
microcode_update_enable="YES"
rcshutdown_timeout=""
zfsd_enable="YES"
export LANG=en_US.UTF-8
```

I haven't created anything in the OpenVPN jail file: /usr/local/etc/ipfw.rules

I have:

- 1 onboard NIC (re0)
- 1 Ethernet card with 4 LAN ports (em0, em1, em2, em3)

What I want to achieve is to share NordVPN internet access from the **OpenVPN** jail (vnet0.1) to the Ethernet port (em0), so I can connect my wireless router to the Ethernet port (em0) and share NordVPN internet access through the wireless router.
How can I achieve this?
Thank you in advance