OpenVPN setup for Qubes
-----------------------
This is an update of the instructions posted in a previous thread[1],
for a type of connection that completely tunnels all traffic to/from VMs
that are connected to the VPN VM for general Internet use.
Actually, now I recall, it's a problem with Fedora 21+ and OpenVPN
https://groups.google.com/forum/?hl=en#!searchin/qubes-users/OpenVPN$20setup$2C$20revisited/qubes-users/tC6SBAD_yr4/XvMKhulUJQAJ
Just use the debian template
-----BEGIN PGP SIGNED MESSAGE-----
Make sure you've specified correct ca.crt (the one you've got from your
VPN provider).
- --
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
-
-----END PGP SIGNATURE-----
Thanks for posting this manual!
I followed every step and the vpn is manually working :)
I got several problems..
Can someone help me with this?
1/ The VPN is manually working with this command:
$ sudo openvpn --writepid /var/run/openvpn/openvpn-client.pid --cd
/rw/config/openvpn/ --config openvpn-client.ovpn
unfortunately the VPN connection is not automatic activated when the sys-vpn is rebooted!
I created a AppVM and point the netVm to this sys-vpn, and when I check my IP is my "normal" IP without vpn.
When I manually make the connection, the vpn is normally working in this appvm.
So my first question is, how to get this working automatic?
And second, the most important.. how can I PREVENT that my AppVM goes online WITHOUT vpn protection??
thanks!
Thanks mate..
Its working now!!
I use this in combination with the sys-whonix.
I pointed sys-whonix NETvm to sys-vpn ...
When I startup Qubes the VPN and TOR is connecting the same time..
How can I force TOR to wait for the VPN is up?
It's now more a lucky shot if VPN is first of second before TOR
Nice reply!!
Your knowledge is way beyond mine .. So I think I cannot help you with this :(
I followed this thread and my vpn is working when the sys-vpn is online.
I UNCHECKED the automatic startup of whonix, so this way I am in control that the VPN must be online first.
It's sort of a work around ;)
My worst concern.. and maybe the most important thing to fix..
Is that there is no "check" that monitors the VPN connection.
IF the VPN is down...then TOR is reconnecting (with my OWN ip) and still up,
so my Appvm's is also reconnected without the VPN...
This is my biggest concern :(