Mount /dev/net/tun to LXC container when running VPN inside the container

I have a problem with running Windscribe VPN in a LXC container. When I try connect to VPN, it will fail due to missing /dev/net/tun file. I found that I should mount this file from the host into the container (right?).
I’ve added this line into the container configuration

lxc.mount.entry = /dev/net dev/net none bind,create=dir 0 0

I can see /dev/net/tun file but I can’t be accessed within the container.

ERROR: Cannot open TUN/TAP dev /dev/net/tun: Operation not permitted (errno=1)

How can I bypass this problem? Is it save to mount this file into LXC container? How can I grant the permission to remove this error?

I had this problem as well. Please try adding this to your container config:
#Add tun/tap for openvpn
lxc.cgroup.devices.allow = c 10:200 rwm
lxc.mount.entry = /dev/net dev/net none bind,create=dir 0 0
lxc.mount.entry = /dev/net/tun dev/net/tun none bind,create=file 0 0

Hi there

I’m still battling with this error and I don’t seem to get any joy through your workaround as yet.
What am I missing?

Thanks in advance.