User's guide
Advanced Tasks
Enabling VPN for VPS
Virtual Private Network (VPN) is a technology which allows you to establish a secure network
connection even over an insecure public network. Setting up a VPN for a separate VPS is
possible via the TUN/TAP device. To allow a particular VPS to use this device, the following
steps are required:
Make sure the tun module is already loaded before OpenVZ is started:
# lsmod | grep tun
In case it is not loaded, load it with the following command:
# modprobe tun
Allow the VPS to use the TUN/TAP device:
# vzctl set 101 --devices c:10:200:rw --save
Create the corresponding device inside the VPS and set the proper permissions:
# vzctl exec 101 mkdir -p /dev/net
# vzctl exec 101 mknod /dev/net/tun c 10 200
# vzctl exec 101 chmod 600 /dev/net/tun
Configuring the VPN proper is carried out as a common Linux administration task, which is out
of the scope of this guide. Some popular Linux software for setting up a VPN over the
TUN/TAP driver includes Virtual TUNnel (http://vtun.sourceforge.net/) and OpenVPN
(http://openvpn.sourceforge.net/).
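A check for the result of the steps above, as an added example that is not part of the original guide: it confirms that the tun module is loaded on the Hardware Node and that /dev/net/tun inside the VPS is a character device 10:200 with mode 600. It assumes GNU stat is available inside the VPS; the function names and the script name are hypothetical.

```shell
#!/bin/sh
# Added example: verify the TUN/TAP setup for one VPS.
# 101, c 10:200 and mode 600 are the values used in the guide.

# Succeeds if lsmod-style text on stdin lists a module named exactly "tun"
# (a plain "grep tun" would also match names such as tunnel4).
tun_loaded() {
    awk '$1 == "tun" { found = 1 } END { exit !found }'
}

# check_tun_stat LINE, where LINE is the output of
#   stat -c %F:%t:%T:%a /dev/net/tun
# GNU stat prints major/minor in hex: a = 10, c8 = 200.
check_tun_stat() {
    IFS=: read -r ftype major minor mode <<EOF
$1
EOF
    if [ "$ftype" != "character special file" ]; then
        echo "not a character device: $ftype"; return 1
    fi
    if [ "$major" != "a" ] || [ "$minor" != "c8" ]; then
        echo "wrong device numbers: 0x$major:0x$minor, expected 10:200"; return 1
    fi
    if [ "$mode" != "600" ]; then
        echo "mode is $mode, expected 600"; return 1
    fi
    echo ok
}

# verify_vps VPSID: run both checks against a live Hardware Node (as root).
verify_vps() {
    case $1 in
        ''|*[!0-9]*) echo "VPS ID must be numeric" >&2; return 2 ;;
    esac
    if ! lsmod | tun_loaded; then
        echo "tun module is not loaded on the Hardware Node" >&2; return 1
    fi
    line=$(vzctl exec "$1" stat -c %F:%t:%T:%a /dev/net/tun) || return 1
    check_tun_stat "$line"
}

# Run only when a VPS ID is given, e.g.: sh check-tun.sh 101
if [ $# -gt 0 ]; then
    verify_vps "$1"
fi
```

A mode wider than 600 or a regular file at /dev/net/tun is reported with the reason, so the check can be rerun after each VPS is configured.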
Loading iptables Modules
The OpenVZ kernel provides support for additional iptables modules that are not loaded
automatically. If you want any of these modules to be loaded on the Hardware Node or,
additionally, in particular VPSs, you need to perform some manual steps.