Jail routing back to OpenVPN Server

Hi everyone,

I have looked through the manual and searched the forum but can't seem to find what I'm looking for to solve my problem...

I'm running 6.3p13. I have OpenVPN set up on the host, with jails running mail, web, and a few other services. I need to be able to route packets from the jails back to the host and out the VPN. Any help with this would be greatly appreciated...
 
Not enough information. How are your jails set up? What IP addresses are used (jails and host)? What does the routing table look like? Any firewall/NAT running?
 
Here is the rc.conf:

Code:
defaultrouter="192.168.1.1"
hostname="ServerHost.home"
ifconfig_fxp0="inet 192.168.1.39  netmask 255.255.255.0"
ifconfig_fxp0_alias0="inet 192.168.1.40 netmask 0xffffffff"
ifconfig_fxp0_alias1="inet 192.168.1.41 netmask 0xffffffff"
ifconfig_fxp0_alias2="inet 192.168.1.42 netmask 0xffffffff"
ifconfig_fxp0_alias3="inet 192.168.1.43 netmask 0xffffffff"
ifconfig_fxp0_alias4="inet 192.168.1.44 netmask 0xffffffff"
ifconfig_fxp0_alias5="inet 192.168.1.45 netmask 0xffffffff"
ifconfig_fxp0_alias6="inet 192.168.1.46 netmask 0xffffffff"
gateway_enable="YES"
ntpd_enable="YES"
ntpd_sync_on_start="YES"
inetd_flags="-wW -a 192.168.1.39"
sendmail_enable="NO"
sshd_enable="YES"
tcp_extensions="YES"
usbd_enable="YES"
webmin_enable="YES"
clear_tmp_enable="YES"
syslogd_enable="YES"
syslogd_flags="-ss"
linux_enable="YES"
smartd_enable="YES"
mixer_enable="NO"
openvpn_enable="YES"
#
jail_enable="YES"
jail_list="ps dhcp ftp dns www mail base"
#
# PS
jail_ps_hostname="ps.home"
jail_ps_rootdir="/jail/ps/"
jail_ps_ip="192.168.1.40"
jail_ps_exec="/bin/sh /etc/rc"
jail_ps_devfs_enable="YES"
jail_ps_devfs_ruleset="ps_ruleset"
# DHCP
jail_dhcp_hostname="dhcp.home"
jail_dhcp_rootdir="/jail/dhcp/"
jail_dhcp_ip="192.168.1.41"
jail_dhcp_exec="/bin/sh /etc/rc"
# FTP
jail_ftp_hostname="ftp.home"
jail_ftp_rootdir="/jail/ftp/"
jail_ftp_ip="192.168.1.42"
jail_ftp_exec="/bin/sh /etc/rc"
# DNS
jail_dns_hostname="dns.home"
jail_dns_rootdir="/jail/dns/"
jail_dns_ip="192.168.1.43"
jail_dns_exec="/bin/sh /etc/rc"
# WWW
jail_www_hostname="www.home"
jail_www_rootdir="/jail/www/"
jail_www_ip="192.168.1.44"
jail_www_exec="/bin/sh /etc/rc"
# MAIL
jail_mail_hostname="mail.home"
jail_mail_rootdir="/jail/mail/"
jail_mail_ip="192.168.1.45"
jail_mail_exec="/bin/sh /etc/rc"
# BASE
jail_base_hostname="base.home"
jail_base_rootdir="/jail/base/"
jail_base_ip="192.168.1.46"
jail_base_exec="/bin/sh /etc/rc"

Here is the routing table:

Code:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.1.1        UGS         0   119662   fxp0
10.8.0.2           10.8.0.1           UH          0        3   tun0
127.0.0.1          127.0.0.1          UH          0     1454    lo0
192.168.1          link#1             UC          0        0   fxp0
192.168.1.1        00:16:b6:08:63:db  UHLW        2        1   fxp0    194
192.168.1.38       00:03:47:d9:8b:f4  UHLW        1       22   fxp0   1028
192.168.1.39       00:03:47:9c:30:d3  UHLW        1        1    lo0
192.168.1.40       00:03:47:9c:30:d3  UHLW        1    97838    lo0 =>
192.168.1.40/32    link#1             UC          0        0   fxp0
192.168.1.41       00:03:47:9c:30:d3  UHLW        1      471    lo0 =>
192.168.1.41/32    link#1             UC          0        0   fxp0
192.168.1.42       00:03:47:9c:30:d3  UHLW        1      438    lo0 =>
192.168.1.42/32    link#1             UC          0        0   fxp0
192.168.1.43       00:03:47:9c:30:d3  UHLW        1    15288    lo0 =>
192.168.1.43/32    link#1             UC          0        0   fxp0
192.168.1.44       00:03:47:9c:30:d3  UHLW        1     9737    lo0 =>
192.168.1.44/32    link#1             UC          0        0   fxp0
192.168.1.45       00:03:47:9c:30:d3  UHLW        1    68137    lo0 =>
192.168.1.45/32    link#1             UC          0        0   fxp0
192.168.1.46       00:03:47:9c:30:d3  UHLW        1     1472    lo0 =>
192.168.1.46/32    link#1             UC          0        0   fxp0
192.168.1.47       00:03:47:9c:30:d3  UHLW        1      459    lo0 =>
192.168.1.47/32    link#1             UC          0        0   fxp0
192.168.1.101      00:15:00:39:bf:90  UHLW        1   235904   fxp0    981
192.168.1.102      00:04:5a:6e:84:c1  UHLW        1      113   fxp0     52
192.168.1.255      ff:ff:ff:ff:ff:ff  UHLWb       1    90297   fxp0


OpenVPN is using 10.8.0.0/24 for tunneling... Firewall and NAT are on a WRT54G router which the system is hooked to... Let me know if you need anything else...

Thanks for your help!!!
 