ANN: Qubes-vpn-support v1.4.1 released!
137 views
Skip to first unread message
Chris Laprise
Jun 20, 2019, 4:00:22 PM6/20/19
to qubes-users
Version 1.4.1 of Qubes-vpn-support has been released. It includes tweaks
for smoother operation, greater control over the firewall, and revised
docs in the Readme:
https://github.com/tasket/Qubes-vpn-support
Features
Provides a fail closed, antileak VPN tunnel environment
Isolates the tunnel client within a dedicated Proxy VM
Prevents configuration errors
Separate firewall VM not required
Easy setup
Simple install script; No file editing or IP numbers necessary
Lets you 'drop in' configuration files from VPN service provider
Flexible installation into template or to individual ProxyVMs
New in this version, v1.4.1
Qubes 4.0.1 support
Control over specific firewall restrictions
Better compatibility with MTU fragmentation detection
New in v1.4.0
Anti-leak for IPv6
All DNS requests forced to chosen VPN DNS
Firewall integrity checked before connecting
Quicker re-connection
Supports passwordless cert authentication
* Also note that Qubes 3.x is no longer detected or supported.
* Updating to the new version is simple and described in the
'Quickstart' guide.
* For users of qubes-tunnel (twin vpn project), an equivalent update is
forthcoming in the next week. However, if you wish to switch to
Qubes-vpn-support now, you can install it without issues for a new VPN VM.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
for smoother operation, greater control over the firewall, and revised
docs in the Readme:
https://github.com/tasket/Qubes-vpn-support
Features
Provides a fail closed, antileak VPN tunnel environment
Isolates the tunnel client within a dedicated Proxy VM
Prevents configuration errors
Separate firewall VM not required
Easy setup
Simple install script; No file editing or IP numbers necessary
Lets you 'drop in' configuration files from VPN service provider
Flexible installation into template or to individual ProxyVMs
New in this version, v1.4.1
Qubes 4.0.1 support
Control over specific firewall restrictions
Better compatibility with MTU fragmentation detection
New in v1.4.0
Anti-leak for IPv6
All DNS requests forced to chosen VPN DNS
Firewall integrity checked before connecting
Quicker re-connection
Supports passwordless cert authentication
* Also note that Qubes 3.x is no longer detected or supported.
* Updating to the new version is simple and described in the
'Quickstart' guide.
* For users of qubes-tunnel (twin vpn project), an equivalent update is
forthcoming in the next week. However, if you wish to switch to
Qubes-vpn-support now, you can install it without issues for a new VPN VM.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
Anhangá
Jun 21, 2019, 8:39:12 AM6/21/19
to qubes-users
Can it be used in a VMProxy to estabilish a tunnel like AppVm -> Tor -> VMProxy(VPN) -> Internet?
I tried the qubes documentation to create a VMProxy through CLI and iptable, it worked to estabilish connection with openVPN in the VMProxy.
I set the NetVM as VMProxy in my anon-whonixVM, but for some reason, it bypass the VMProxy and uses only the Tor Network.
Jon deps
Jun 21, 2019, 7:27:59 PM6/21/19
to qubes...@googlegroups.com
am repeatedly getting the corner pop-up box "Ready to Start Link"
.... and using it as the netvm there is no networking
Jon deps
Jun 21, 2019, 7:37:29 PM6/21/19
to qubes...@googlegroups.com
Chris Laprise
Jun 21, 2019, 7:38:09 PM6/21/19
to Anhangá, qubes-users
On 6/21/19 8:39 AM, Anhangá wrote:
> Can it be used in a VMProxy to estabilish a tunnel like AppVm -> Tor -> VMProxy(VPN) -> Internet?
Yes, it is the same idea.
> Can it be used in a VMProxy to estabilish a tunnel like AppVm -> Tor -> VMProxy(VPN) -> Internet?
>
> I tried the qubes documentation to create a VMProxy through CLI and iptable, it worked to estabilish connection with openVPN in the VMProxy.
> I set the NetVM as VMProxy in my anon-whonixVM, but for some reason, it bypass the VMProxy and uses only the Tor Network.
to be simply using Tor. Its only when examining your local net traffic
that you can see Tor is carried inside the VPN tunnel (no Tor packets
visible to your ISP).
Jon deps
Jul 4, 2019, 1:51:41 PM7/4/19
to qubes...@googlegroups.com
On 6/20/19 8:00 PM, Chris Laprise wrote:
Template for QVS to work ?
I'm finding that
sudo apt-get install openvpn isn't enough on the default Deb-9
Template just installed, and copying over backed up AppVMs from
another machine.
It does worked with another Debian-9 template copied over from the other
machine but I'd like to use the fresh installed Deb-9 on the new
machine instead.
am finding that bash ./install is just returning empty if it's
installed already ..... would that be normal ?
Regards
Chris Laprise
Jul 5, 2019, 10:41:51 AM7/5/19
to Jon deps, qubes...@googlegroups.com
> I'm finding that
> sudo apt-get install openvpn isn't enough on the default Deb-9
> Template just installed, and copying over backed up AppVMs from
> another machine.
>
> It does worked with another Debian-9 template copied over from the other
> machine but I'd like to use the fresh installed Deb-9 on the new
> machine instead.
>
>
> am finding that bash ./install is just returning empty if it's
> installed already ..... would that be normal ?
-
Also..... I just posted a bug fix. VPN passwords with special symbols
like '\' were not being saved correctly, preventing successful
connection in that case. The updated code should save any combination of
ASCII symbols correctly now.
Reply all
Reply to author
Forward
0 new messages