VPN for Linux Dummies
stefanne...@gmail.com
I found a lot of info, but most relevant are these from the Qubes Github:
https://github.com/tasket/Qubes-vpn-support
https://github.com/tasket/qubes-tunnel
https://github.com/tasket/qubes-doc/blob/tunnel/configuration/vpn.md#set-up-a-proxyvm-as-a-vpn-gateway-using-the-qubes-tunnel-service
I was successful in setting up an appvm with vpn-handler-openvpn
I installed qubes-tunnel.git in fedora template
I copied the region relevant but general nordvpn config files from https://nordvpn.com/de/ovpn/ to /rw/config/vpn ...
But i got stuck, with a lot of questions on these different instructions. What is the qubes-vpn-support folder? How to enter the login and passwort for testing the connection to nordvpn? Is the vpn tunnel necessary?
Do you have some hints? (I can`t answer tomorrow, but on wednesday.)
Thx. Stefan
Chris Laprise
qubes-tunnel do the same thing; they're not intended to be combined.
I think the alternative you're looking for is the first part of the
Qubes VPN doc:
https://www.qubes-os.org/doc/vpn/#set-up-a-proxyvm-as-a-vpn-gateway-using-networkmanager
This way you can use Network Manager documentation for additional
guidance in the GUI, or use any specific steps NordVPN has created for
Network Manager.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
John Smiley
I thought I'd replied to this already, but I don't see it here (maybe it was on Reddit). Anyway, the use of a VPN with Tor Browser is a source of debate whether or not you're better off security-wise. Whonix devotes an entire doc to the subject. The gist is you're probably better off without VPN when using Whonix unless you have a very specific need and know what you're doing. https://www.whonix.org/wiki/Tunnels/Introduction
m...@militant.dk
snip
>
> Do you have some hints? (I can`t answer tomorrow, but on wednesday.)
>
I configured everything I needed via gui, to connect via appvm, but that might not work for you. Here's what I did:
https://www.militant.dk/2018/04/15/configuring-cisco-asa-vpn-on-qubes-4-0-with-openconnect/
Sincerely
Max
seshu
Chris, I recently got Nordvpn running on my 4.0.1 and I used their .deb package to install their app.
The one thing I like about their app is that when it fires up it scans the hundreds of servers they have to identify the server that is best to connect to. The process that Qubes-vpn-support uses relies on the user manually deciding which of the hundreds plus servers to use right, and then creating a ln to that ovpn file?
Do you think there could be a way to streamline or automate which ovpn file to use?
Thanks!
Chris Laprise
> Chris, I recently got Nordvpn running on my 4.0.1 and I used their .deb package to install their app.
>
> The one thing I like about their app is that when it fires up it scans the hundreds of servers they have to identify the server that is best to connect to. The process that Qubes-vpn-support uses relies on the user manually deciding which of the hundreds plus servers to use right, and then creating a ln to that ovpn file?
>
> Do you think there could be a way to streamline or automate which ovpn file to use?
>
> Thanks!
considers to be 'best'. Some providers like PIA allow you to specify a
region by domain name, and that domain name represents a bank of servers
from which a server is chosen at connection time; it appears to be a
standard load-balancing configuration.
If you don't want to use one server IP all the time, you could add many
IPs to the conf file along with 'remote-random' which will choose one
randomly. Alternately, you could see if NordVPN has regional domain
names and use one of those in your conf.
seshu
Ok thanks. that makes sense. I'll look into that aspect.
From a security perspective, checking for leaks, etc. is there a particular tool or technique you like to use? this idea of leaks is new to me so I want to check the nordvpn setup I have now to see how it compares.
Thanks!