Results 1 to 7 of 7
  1. #1

    enabling /dev/net/tun and iptable_nat on VPS?

    Hi everyone,

    I'm currently have three unmanaged VPS on three different providers. I need /dev/net/tun and iptable_nat to be enabled to use OpenVPN and other stuff. By default, these two are disabled initially on all VPS provider.

    Then I asked each provider technical support to enable /dev/net/tun and iptable_nat on my vps and only two of them managed to do it. The other one tried to enable it but in the end the technical support just said they are unmanaged VPS provider and I should look on openvz forum on how to make OpenVPN work (enabling the /dev/net/tun and iptable_nat) on my VPS. My OpenVPN setup has been run sucessfully on two other VPS (one of them already run without problems for almost 2 years)

    Here is the log file of openvpn:
    Mon Jun 29 02:22:42 2009 us=575678 Note: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (errno=13)
    Mon Jun 29 02:22:42 2009 us=575691 Note: Attempting fallback to kernel 2.2 TUN/TAP interface
    Mon Jun 29 02:22:42 2009 us=576485 Cannot allocate TUN/TAP dev dynamically
    Mon Jun 29 02:22:42 2009 us=576498 Exiting

    and here's why I need to enable iptable_nat
    [[email protected] openvpn]# iptables -t nat -s 10.8.0.0/24 -A POSTROUTING -j SNAT --to XX.XX.XX.XX (IP ADDRESS REMOVED)
    iptables v1.3.5: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.

    The question, is it possible to do it from my end? if so, how? or I need to them do do it? (because its need to be done on the host machine not the vps).

    Any help will be much appreciated

  2. #2
    Join Date
    Nov 2006
    Location
    Long Island, NY
    Posts
    287
    Needs to be done on the host node.

    Very curious to see who this 3rd host is, that they can't even do something as simple as this.

    Might want to suggest they view this, "http://wiki.openvz.org/VPN_via_the_TUN/TAP_device"

  3. #3
    Thank you for the confirmation its need to be done on the host. I'll give them that link you posted above.

    I'm giving them a few days to resolve this issue. If they can't then I'll state their name in here. Hint: I get the offer from VPS offers forum I searched about them they did have quite large issue around 6 months ago but it seems the issue has been resolved. I tried it anyway because its quite cheap, doesn't tie me with long term plan (pay monthly) so I can get out whenever I want and this won't become my primary system except after I satisfied with performance and reliability of the host

  4. #4
    Off topic here, but not completely off.

    The openvz starts to give me some problem when trying the new OpenVPN Access Server (openvpn-as). The license check MAC address, while it does not exist on venet.

    Along with other concerns (such as IPv6 sit interface), I had to give up and turned over to Xen.

  5. #5
    xkey, I just realized that there is another version of openvpn, which is openvpn-as. It seems make things easier, unfortunately it's not free and does not work on openvz.

    Back to topic, I found a page to enable NAT on the vps, and also needs to be done on the host.
    http://kb.parallels.com/article_130_875_en.html

    I'm suspecting ipt_conntrack ipt_state iptable_nat ip_nat_ftp not loaded yet.

  6. #6
    Well, someone in the openvz forum gives me a link to OpenVZ User Guide, I was surprised that enabling VPN/tun interface and loading needed iptable modules clearly documented in there.
    Page 69-70
    http://download.openvz.org/doc/OpenVZ-Users-Guide.pdf

    I wonder what took them so long to do that. Its been 48 hours since I opened the ticket!

  7. #7
    update, the problem is fixed

Similar Threads

  1. Enabling GD on PHP
    By t325 in forum Hosting Security and Technology
    Replies: 4
    Last Post: 09-25-2006, 12:32 AM
  2. help on enabling FXP
    By pabris in forum Employment / Job Offers
    Replies: 5
    Last Post: 05-30-2005, 07:05 PM
  3. Enabling SSI?
    By Daemon1 in forum Hosting Security and Technology
    Replies: 7
    Last Post: 06-22-2004, 06:47 AM
  4. Enabling GD in PHP
    By concept in forum Hosting Security and Technology
    Replies: 1
    Last Post: 04-19-2004, 03:04 PM
  5. Help enabling WebDAV
    By WALoeIII in forum Hosting Security and Technology
    Replies: 5
    Last Post: 04-18-2004, 07:01 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •