I need your help to share an OpenVPN connection from a FreeNAS jail. This is the situation:
- I already created a jail named OpenVPN. Inside this jail, there is an OpenVPN client connected to NordVPN. This is the result of ifconfig inside the OpenVPN jail:
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
    options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
    inet6 ::1 prefixlen 128
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
    inet 127.0.0.1 netmask 0xff000000
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    groups: lo
epair0b: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=8<VLAN_MTU>
    ether 1e:6f:65:9b:c8:80
    hwaddr 02:2b:ff:00:0a:0b
    inet 192.168.86.19 netmask 0xffffff00 broadcast 192.168.86.255
    nd6 options=1<PERFORMNUD>
    media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
    status: active
    groups: epair
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
    options=80000<LINKSTATE>
    inet 10.8.8.8 --> 10.8.8.1 netmask 0xffffff00
    nd6 options=1<PERFORMNUD>
    groups: tun
    Opened by PID 2574
- And this is my /etc/rc.conf from the OpenVPN jail:
cron_flags="$cron_flags -J 15"
# Disable Sendmail by default
sendmail_enable="NO"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
# Run secure syslog
syslogd_flags="-c -ss"
# Enable IPv6
ipv6_activate_all_interfaces="YES"
hostname="OpenVPN"
ifconfig_epair0b="SYNCDHCP"
openvpn_enable="YES"
openvpn_if="tun"
openvpn_configfile="/usr/local/etc/openvpn/default.conf"
openvpn_dir="/usr/local/etc/openvpn/"
cloned_interfaces="tun"
gateway_enable="YES"
firewall_enable="YES"
firewall_script="/usr/local/etc/ipfw.rules"
sysctl net.inet.ip.forwarding=1
kldload ipfw.ko
kldload ipfw_nat.ko
- And this is the result of ifconfig from the FreeNAS host:
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
    ether 4e:f1:31:df:f8:90
    hwaddr 4e:f1:31:df:f8:90
    nd6 options=1<PERFORMNUD>
    media: Ethernet autoselect
    status: no carrier
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
    ether 4e:f1:31:df:f8:80
    hwaddr 4e:f1:31:df:f8:80
    nd6 options=1<PERFORMNUD>
    media: Ethernet autoselect
    status: no carrier
em2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
    ether 4e:f1:31:df:f8:b0
    hwaddr 4e:f1:31:df:f8:b0
    nd6 options=1<PERFORMNUD>
    media: Ethernet autoselect
    status: no carrier
em3: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
    ether 4e:f1:31:df:f8:a0
    hwaddr 4e:f1:31:df:f8:a0
    inet 0.0.0.0 netmask 0xff000000 broadcast 255.255.255.255
    nd6 options=1<PERFORMNUD>
    media: Ethernet autoselect (1000baseT <full-duplex>)
    status: active
re0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    options=82099<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
    ether c1:f6:56:9c:85:aa
    hwaddr c1:f6:56:9c:85:aa
    inet 192.168.86.200 netmask 0xffffff00 broadcast 192.168.86.255
    nd6 options=1<PERFORMNUD>
    media: Ethernet autoselect (1000baseT <full-duplex>)
    status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
    options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
    inet6 ::1 prefixlen 128
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
    inet 127.0.0.1 netmask 0xff000000
    nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
    groups: lo
tap0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    description: Attached to HomeAssistant
    options=80000<LINKSTATE>
    ether 00:db:f2:37:8f:00
    hwaddr 00:db:f2:37:8f:00
    nd6 options=1<PERFORMNUD>
    media: Ethernet autoselect
    status: active
    groups: tap
    Opened by PID 1832
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ether 20:f4:56:1a:d2:00
    nd6 options=1<PERFORMNUD>
    groups: bridge
    id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
    maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
    root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
    member: vnet0.3 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            ifmaxaddr 0 port 13 priority 128 path cost 2000
    member: vnet0.2 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            ifmaxaddr 0 port 12 priority 128 path cost 2000
    member: tap2 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            ifmaxaddr 0 port 11 priority 128 path cost 2000000
    member: tap1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            ifmaxaddr 0 port 10 priority 128 path cost 2000000
    member: vnet0.1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            ifmaxaddr 0 port 9 priority 128 path cost 2000
    member: re0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            ifmaxaddr 0 port 5 priority 128 path cost 20000
    member: tap0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
            ifmaxaddr 0 port 7 priority 128 path cost 2000000
vnet0.1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    description: associated with jail: OpenVPN as nic: epair0b
    options=8<VLAN_MTU>
    ether e1:f6:56:b9:8c:f7
    hwaddr 20:6e:0d:00:90:a0
    nd6 options=1<PERFORMNUD>
    media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
    status: active
    groups: epair
tap1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    description: Attached to PiHole
    options=80000<LINKSTATE>
    ether 00:db:92:38:8f:10
    hwaddr 00:db:92:38:8f:10
    nd6 options=1<PERFORMNUD>
    media: Ethernet autoselect
    status: active
    groups: tap
    Opened by PID 2338
tap2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    description: Attached to OpenVPN
    options=80000<LINKSTATE>
    ether 00:db:46:39:8f:20
    hwaddr 00:db:46:39:8f:20
    nd6 options=1<PERFORMNUD>
    media: Ethernet autoselect
    status: active
    groups: tap
    Opened by PID 2590
vnet0.2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    description: associated with jail: plexmediaserver as nic: epair0b
    options=8<VLAN_MTU>
    ether e1:f6:56:d3:b6:aa
    hwaddr 20:6e:0d:00:c0:a0
    nd6 options=1<PERFORMNUD>
    media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
    status: active
    groups: epair
vnet0.3: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
    description: associated with jail: qbittorrent as nic: epair0b
    options=8<VLAN_MTU>
    ether ca:f6:56:b5:ac:5e
    hwaddr 20:6e:0d:00:d0:a0
    nd6 options=1<PERFORMNUD>
    media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
    status: active
    groups: epair
- And this is /etc/rc.conf from the FreeNAS host:
hostname="freenas"
openssh_enable="YES"
sendmail_enable="NONE"
background_fsck="NO"
fsck_y_enable="YES"
synchronous_dhclient="YES"
ntpd_enable="YES"
ntpd_sync_on_start="YES"
vmware_guest_vmblock_enable="YES"
vmware_guest_vmhgfs_enable="YES"
vmware_guest_vmmemctl_enable="YES"
devfs_system_ruleset="usbrules"
clear_tmp_X="NO"
geli_autodetach="NO"
savecore_enable="NO"
dumpdev="NO"
dumpdir="/data/crash"
early_kld_list="dtraceall geom_multipath"
kld_list="hwpmc t3_tom t4_tom"
dbus_enable="YES"
mdnsd_enable="YES"
performance_cpu_freq="HIGH"
local_startup="/etc/ix.rc.d /usr/local/etc/rc.d"
early_late_divider="*"
root_rw_mount="YES"
syslogd_enable="NO"
syslog_ng_enable="YES"
nginx_enable="YES"
nginx_login_class="nginx"
devd_flags="-q"
cleanvar_enable="NO"
openssh_skipportscheck="YES"
inadyn_flags="--continue-on-error"
microcode_update_enable="YES"
rcshutdown_timeout=""
zfsd_enable="YES"
export LANG=en_US.UTF-8
I haven't created anything in the OpenVPN jail file /usr/local/etc/ipfw.rules.
I have an Ethernet card with 4 LAN ports (em0, em1, em2, em3). What I want to achieve is to share internet access from the OpenVPN jail (vnet0.1) to an Ethernet port (em3), so I can connect my wireless router to that Ethernet port and share internet access to it.
How can I achieve this?
Thank you in advance.