How to Setup TUN Mode in Proxmox LXC
A quick guide to enabling TUN in Proxmox LXC containers. Applicable for both Unprivileged and Privileged containers!
SK
Stefan Khor
What is TUN?
TUN (Network Tunnel) is virtual network kernel devices which will simulate a network layer device.
When to Enable TUN?
Enable TUN if you:
- Plan to run VPN services/servers/clients (OpenVPN, WireGuard, etc.) inside containers
- Use applications that require low-level network tunneling
- Need more advanced networking setups inside a container
⚡ Without TUN, most VPN services won't work inside an LXC container!
How to Enable TUN in Proxmox LXC?
Enabling TUN for Proxmox LXC can be easily done by following these steps:
- Login to your Proxmox host (via SSH or the built-in Shell in the WebUI)
- Edit your LXC container configuration:
bash
nano /etc/pve/lxc/<CTID>.conf - Add these lines into your LXC config:
bash
lxc.cgroup2.devices.allow: c 10:200 rwm lxc.mount.entry: /dev/net/tun dev/net/tun none bind,create=file - Restart LXC container:
bash
pct restart <CTID> - Finally, you may verify TUN is available inside the LXC container:
bash
cat /dev/net/tun
© 2025Stefan KhorAll rights reserved.
Also known as Khor Jia Quan — find out more about Stefan Khor here.