Can't get ProxyVM based VPN working
48 views
Skip to first unread message
ad51...@gmail.com
Jun 4, 2016, 10:43:41 AM6/4/16
to qubes-users
I've been trying to configure a ProxyVM with a VPN for a while now, and I can't seem to get it to work. I've tried both the NetworkManager instructions and the command line instructions from here: https://www.qubes-os.org/doc/vpn/. The NetworkManager always times out when attempting to connect to the VPN (funnily enough, it does this in KDE on a separate system too) despite the command line openvpn client working flawlessly and all of the plugins being installed. I'm not sure what goes wrong with the command line version; it does successfully create the tun adapter, but can't resolve hostnames. If I manually reconfigure the DNS using resolv.conf, it begins resolving fine, but no traffic travels through the VPN. Is there any way I can fix this?
Chris Laprise
Jun 4, 2016, 5:36:29 PM6/4/16
to ad51...@gmail.com, qubes-users
On 06/04/2016 10:43 AM, ad51...@gmail.com wrote:
> I've been trying to configure a ProxyVM with a VPN for a while now, and I can't seem to get it to work. I've tried both the NetworkManager instructions and the command line instructions from here: https://www.qubes-os.org/doc/vpn/. The NetworkManager always times out when attempting to connect to the VPN (funnily enough, it does this in KDE on a separate system too) despite the command line openvpn client working flawlessly and all of the plugins being installed. I'm not sure what goes wrong with the command line version; it does successfully create the tun adapter, but can't resolve hostnames. If I manually reconfigure the DNS using resolv.conf, it begins resolving fine, but no traffic travels through the VPN. Is there any way I can fix this?
>
the user to hard-code IP addresses in several places (and you can't use
domain names for the server). This is an error-prone approach.
I created a couple scripts to handle all of it here -
https://github.com/ttasket/Qubes-vpn-support
and discussion thread -
https://groups.google.com/d/msgid/qubes-devel/57516C4B.4070305%40openmailbox.org
Hope you find it useful...
Chris
ad51...@gmail.com
Jun 6, 2016, 4:29:05 AM6/6/16
to qubes-users, ad51...@gmail.com, tas...@openmailbox.org
On Sunday, 5 June 2016 05:36:29 UTC+8, Chris Laprise wrote:
> The current version of the VPN doc is hard to follow because it requires
> the user to hard-code IP addresses in several places (and you can't use
> domain names for the server). This is an error-prone approach.
>
> I created a couple scripts to handle all of it here -
> https://github.com/ttasket/Qubes-vpn-support
> and discussion thread -
> https://groups.google.com/d/msgid/qubes-devel/57516C4B.4070305%40openmailbox.org
> The current version of the VPN doc is hard to follow because it requires
> the user to hard-code IP addresses in several places (and you can't use
> domain names for the server). This is an error-prone approach.
>
> I created a couple scripts to handle all of it here -
> https://github.com/ttasket/Qubes-vpn-support
> and discussion thread -
> https://groups.google.com/d/msgid/qubes-devel/57516C4B.4070305%40openmailbox.org
I gave your scripts a go, and they've failed the same way the iptables method in the official docs does. I did manage to get it working by manually opening a VPN connection and using the routing method described here under Routing Traffic Via Your VPN Connection though: https://support.hidemyass.com/hc/en-us/articles/202721486-Using-Linux-Virtual-Machine-instead-of-a-router-for-VPN
Reply all
Reply to author
Forward
0 new messages