[lxc-users] tunnel interface in ubuntu container

Carl E. Ma zhu_junca at yahoo.ca
Thu Aug 28 20:26:49 UTC 2014


Hello,

I am a two-day user of lxc containers. Please judge my question accordingly :-)


My environment is Ubuntu 14.04 (with VirtualBox on Windows 7). I am trying to set up an Ubuntu container to connect to a Juniper VPN gateway using msjnc (http://mad-scientist.us/juniper.html).

After installing all the necessary packages, I can launch "msjnc" and type in the RSA passcode. Then it fails to connect to the gateway with errors like:
==
2014-08-28 19:47:52+0000: MadScientist JNC Session Manager 2.5 (17 Feb 2013)
2014-08-28 19:48:00+0000: Session: connecting using profile x.x.ras.virtela.com user ABC
2014-08-28 19:48:00+0000: Session: Retrieving certificate from x.ras.virtela.com
2014-08-28 19:48:01+0000: Writing passwd to child: /home/ubuntu/.juniper_networks/network_connect/ncsvc -h x.ras.virtela.com -u ABC
-r XXX_RSA -U xxx.ras.virtela.com -f /home/ubuntu/.juniper_networks/.cert.x.ras.virtela.com
2014-08-28 19:48:01+0000: Running pid 524 in the background
2014-08-28 19:48:03+0000: Session: PID 524 exited with 65536 (256)
==

Compared to a regular system, it seems msjnc inside the container can't activate the additional tun0 interface. So I manually created the tun device as below, with the same error message.

===
# mknod /dev/net/tun c 10 200
# chmod 666 /dev/net/tun

===
I am using the default container configuration
===
root@griffinv1:/var/lib/lxc/lxc-u1# more config
# Template used to create this container: /usr/share/lxc/templates/lxc-download
# Parameters passed to the template:
# For additional config options, please look at lxc.container.conf(5)

# Distribution configuration
lxc.include = /usr/share/lxc/config/ubuntu.common.conf
lxc.arch = x86_64

# Container specific configuration
lxc.rootfs = /var/lib/lxc/lxc-u1/rootfs
lxc.utsname = lxc-u1

# Network configuration
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = lxcbr0
lxc.network.hwaddr = 00:16:3e:43:ad:b3


===


My question is whether it is possible to run a VPN client inside a container. I also tried the same configuration inside a docker container, with a similar error. It seems the tun0 interface can't be brought up inside a container.

After struggling for two days, I hope someone can shed some light on it.

Thanks,


carl
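
Added example, not part of the original post: a small shell check, run as root inside the container, that separates the possible states of the node created above with "mknod /dev/net/tun c 10 200". The function name check_tun_node and its result words are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: classify the state of a TUN device node inside a container.
# Expected numbers come from the post's command: mknod /dev/net/tun c 10 200.
# Requires a stat(1) that supports -c (GNU coreutils, as on Ubuntu).

TUN_MAJOR_HEX=a    # 10 in hex, as printed by stat %t
TUN_MINOR_HEX=c8   # 200 in hex, as printed by stat %T

# Prints one word describing the node at $1 (default /dev/net/tun):
#   missing | not-chardev | wrong-numbers | open-denied | ok
check_tun_node() {
    node=${1:-/dev/net/tun}
    if [ ! -e "$node" ]; then
        echo missing          # mknod never ran, or /dev/net does not exist
        return 0
    fi
    if [ ! -c "$node" ]; then
        echo not-chardev      # a regular file or directory sits at that path
        return 0
    fi
    nums=$(stat -c '%t %T' "$node")
    if [ "$nums" != "$TUN_MAJOR_HEX $TUN_MINOR_HEX" ]; then
        echo wrong-numbers    # char device, but not major 10 / minor 200
        return 0
    fi
    # The node looks right. Opening it read-write is the first thing a
    # tunnel client has to do, so try that in a subshell.
    if ( exec 3<>"$node" ) 2>/dev/null; then
        echo ok
    else
        # With mode 666 and root, a refusal here comes from outside the
        # file mode bits, for example the container's device policy or
        # a host kernel without the tun driver.
        echo open-denied
    fi
}

check_tun_node "${1:-/dev/net/tun}"
```

A result of "ok" means the node itself is usable and the failure lies later, when the client configures the interface; "open-denied" means the node is correct but something other than its permissions is refusing the open.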