No vpn-handler-openvpn in service tab
101 views
Skip to first unread message
Philip Pians
Jul 1, 2019, 11:13:56 PM7/1/19
to qubes-users
Using instructions to create VPN appvm (with provides network), no service called vpn-handler-openvpn, or any other with VPN in name under service tab, nor do any of the other VMs. Tried adding “network connections” from applications tab, and can select to import a VPN configuration then can’t proceed to do anything once file is selected because everything is greyed out.
I’ve looked and looked for help setting up VPN but info seems to be identical and not address this problem. Please help, if I can’t get past first step...
I’ve looked and looked for help setting up VPN but info seems to be identical and not address this problem. Please help, if I can’t get past first step...
Philip Pians
Jul 1, 2019, 11:18:43 PM7/1/19
to qubes-users
On Tuesday, July 2, 2019 at 3:13:56 AM UTC, Philip Pians wrote:
> Using instructions to create VPN appvm (with provides network), no service called vpn-handler-openvpn, or any other with VPN in name under service tab, nor do any of the other VMs. Tried adding “network connections” from applications tab, and can select to import a VPN configuration then can’t proceed to do anything once file is selected because everything is greyed out.
> I’ve looked and looked for help setting up VPN but info seems to be identical and not address this problem. Please help, if I can’t get past first step...
Edit: Here is instructions I followed:
> Using instructions to create VPN appvm (with provides network), no service called vpn-handler-openvpn, or any other with VPN in name under service tab, nor do any of the other VMs. Tried adding “network connections” from applications tab, and can select to import a VPN configuration then can’t proceed to do anything once file is selected because everything is greyed out.
> I’ve looked and looked for help setting up VPN but info seems to be identical and not address this problem. Please help, if I can’t get past first step...
https://github.com/tasket/Qubes-vpn-support
https://www.qubes-os.org/doc/vpn/
Chris Laprise
Jul 2, 2019, 12:36:22 AM7/2/19
to Philip Pians, qubes-users
first one...
The way to add a new service here is to just type it on the line and
click the plus sign.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
Philip Pians
Jul 2, 2019, 1:37:58 AM7/2/19
to qubes-users
Now at second step, there’s no such file or directory called vpn in /rw/config… can I just make this directory? Or is it supposed to exist with files in it?
Sphere
Jul 2, 2019, 3:24:47 AM7/2/19
to qubes-users
On Tuesday, July 2, 2019 at 5:37:58 AM UTC, Philip Pians wrote:
> On Tuesday, July 2, 2019 at 4:36:22 AM UTC, Chris Laprise wrote:
> > On 7/1/19 11:18 PM, Philip Pians wrote:
> > > On Tuesday, July 2, 2019 at 3:13:56 AM UTC, Philip Pians wrote:
> > >> Using instructions to create VPN appvm (with provides network), no service called vpn-handler-openvpn, or any other with VPN in name under service tab, nor do any of the other VMs. Tried adding “network connections” from applications tab, and can select to import a VPN configuration then can’t proceed to do anything once file is selected because everything is greyed out.
> > >> I’ve looked and looked for help setting up VPN but info seems to be identical and not address this problem. Please help, if I can’t get past first step...
> > >
> > > Edit: Here is instructions I followed:
> > > https://github.com/tasket/Qubes-vpn-support
> > > https://www.qubes-os.org/doc/vpn/
> >
> > You should only follow one of these, not both. I assume you meant the
> > first one...
> >
> > The way to add a new service here is to just type it on the line and
> > click the plus sign.
> >
> > --
> >
> > Chris Laprise
> On Tuesday, July 2, 2019 at 4:36:22 AM UTC, Chris Laprise wrote:
> > On 7/1/19 11:18 PM, Philip Pians wrote:
> > > On Tuesday, July 2, 2019 at 3:13:56 AM UTC, Philip Pians wrote:
> > >> Using instructions to create VPN appvm (with provides network), no service called vpn-handler-openvpn, or any other with VPN in name under service tab, nor do any of the other VMs. Tried adding “network connections” from applications tab, and can select to import a VPN configuration then can’t proceed to do anything once file is selected because everything is greyed out.
> > >> I’ve looked and looked for help setting up VPN but info seems to be identical and not address this problem. Please help, if I can’t get past first step...
> > >
> > > Edit: Here is instructions I followed:
> > > https://github.com/tasket/Qubes-vpn-support
> > > https://www.qubes-os.org/doc/vpn/
> >
> > You should only follow one of these, not both. I assume you meant the
> > first one...
> >
> > The way to add a new service here is to just type it on the line and
> > click the plus sign.
> >
> > --
> >
> > Chris Laprise
> > https://github.com/tasket
> > https://twitter.com/ttaskett
> > PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
>
> Yes, quite a few threads link to the first one and seems more useful than the out of date second one. I’m a little embarrassed, thought I need to select from the drop-down menu…
> Now at second step, there’s no such file or directory called vpn in /rw/config… can I just make this directory? Or is it supposed to exist with files in it?
Usually for those cases you can just make a directory there and the service will start running
> > https://twitter.com/ttaskett
> > PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
>
> Yes, quite a few threads link to the first one and seems more useful than the out of date second one. I’m a little embarrassed, thought I need to select from the drop-down menu…
> Now at second step, there’s no such file or directory called vpn in /rw/config… can I just make this directory? Or is it supposed to exist with files in it?
Note that you have to make this directory in the template VM that your VPN qube is using so that you won't have to do this every single time you start your VPN qube.
Chris Laprise
Jul 2, 2019, 12:33:31 PM7/2/19
to Sphere, qubes-users
proxyVM; it will stay there even after rebooting.
--
Chris Laprise, tas...@posteo.net
Philip Pians
Jul 3, 2019, 5:34:32 PM7/3/19
to qubes-users
Must be doing something wrong? Wanted to do the test stage and discovered no file called vpn-client-conf. There’s only Openvpn.ovpn; ca.crt; client.crt, and client.key that download from VPN provider. Help please.
Chris Laprise
Jul 3, 2019, 11:49:42 PM7/3/19
to Philip Pians, qubes-users
On 7/3/19 5:34 PM, Philip Pians wrote:
> Must be doing something wrong? Wanted to do the test stage and discovered no file called vpn-client-conf. There’s only Openvpn.ovpn; ca.crt; client.crt, and client.key that download from VPN provider. Help please.
>
Where it says:
> Must be doing something wrong? Wanted to do the test stage and discovered no file called vpn-client-conf. There’s only Openvpn.ovpn; ca.crt; client.crt, and client.key that download from VPN provider. Help please.
>
sudo cp US_East.ovpn vpn-client.conf
...the 'US_East.ovpn' is just an example. So you would do this instead:
sudo cp Openvpn.ovpn vpn-client.conf
Philip Pians
Jul 4, 2019, 2:32:55 AM7/4/19
to qubes-users
l1am...@gmail.com
Jul 4, 2019, 4:16:05 AM7/4/19
to qubes-users
You need to clone it with these commands:
1. Install git if its not installed with "sudo dnf install git" or "sudo apt install git"
2. Run "git clone https://github.com/tasket/Qubes-vpn-support.git"
3. Then the "Qubes-vpn-support" directory will exist
Chris Laprise
Jul 4, 2019, 11:51:46 AM7/4/19
to qubes-users, Philip Pians
Qubes-vpn-support from a browser: On the Qubes-vpn-support project page,
click the "Clone or download" button then click "Download ZIP".
If you downloaded it in a different VM than your VPN (proxy) VM, just
Qubes copy it there:
https://www.qubes-os.org/doc/copying-files/
This is a basic Qubes skill. You may want to review the Common Tasks
section of the docs to get familiar with Qubes:
https://www.qubes-os.org/doc/#common-tasks
Philip Pians
Jul 5, 2019, 2:37:00 AM7/5/19
to qubes-users
A DDG search yielded no hits, so my question now is, is this repairable?
Philip Pians
Jul 5, 2019, 2:42:38 AM7/5/19
to qubes-users
Philip Pians
Jul 5, 2019, 2:48:04 AM7/5/19
to qubes-users
Andrew David Wong
Jul 5, 2019, 5:24:31 AM7/5/19
to Philip Pians, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 05/07/2019 1.48 AM, Philip Pians wrote:
> [...]
(see the Advanced tab) has a different Networking setting than this
qube. This configuration may result in unexpected network access. For
example, you may have set this qube's Networking to "none" in order to
prevent any data from being transmitted out. However, if the Default
DisposableVM Template's Networking is set to "sys-firewall," then a
DisposableVM started from this qube may be able to transmit data out,
contrary to your intention. You may wish to set the Default
DisposableVM Template for this qube to one with equally restrictive
Networking settings.
Related issue:
https://github.com/QubesOS/qubes-issues/issues/5115
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAl0fF0EACgkQ203TvDlQ
MDC8qQ//QXiZHafmf8/sDKnnY/BtalQpTwwjPjL8M99cKy2bvVT4UGtkalC1NwN/
aFuv9UIbChqtBCdrtONeDcmDmU7kwhrJGn5BfuFS8MeogrMqvLgIuVbEhfRH7Z/r
jIHw+bMtOXBmhGPBLdbERCtzsT8FeZ06bmM/uZQBX/kgz3Qp5JvHQ2aqPlRkx+zE
uJS97h1UncacpSFGxDNcSGFrclGRCW5qtHkHCfJii3lbulx/QVwRX9M3ZQ+o3Dva
yRu/4oVlswPxPzs6GDrXTSqlrX/iVctHODcvQTHMkEW/19TaXPej2G8zrs5v9el6
kfpJiuOc431ouXEjuk7Mvqd1VRnAAauCso9E9wYrTsXzX53L/2J8q/req7yeQOBb
Zd99yXSz1UyP8xhTpO0tuU4EJ3U9t07mkl5YvicxvUaOIiL3G0/hdoomSGF0pDvB
3LurLPerZK25zwbDf2rP2aZPzUyzA/Rbmttjh1MYmw9K6ka2Mf9srMSM6hu0SA0T
mSrc8uN7qwYPi3mav3/n4/qBAGxrlir2sfW5m1CpdMwubys7tNMQzDQKTfyBWGnd
4eyds3MG4a+CsBpFFMeV4iPDCHF3fpFDLVVEl40VJUs8nXMHoK1lvltZDALmyLQC
vHfERq7K8WFQIobdBIZVIvM8Dqv/kmPAVfA82H21UB/AxQvUvvc=
=LMia
-----END PGP SIGNATURE-----
Hash: SHA512
On 05/07/2019 1.48 AM, Philip Pians wrote:
> [...]
>
> Edit: There’s also a little yellow caution sign beside networking
> which says “Caution: default DispVM template has a different
> Networking setting than this Qube. Unexpected network access may
> occur!”
>
The presence of that icon means that the Default DisposableVM Template
> Edit: There’s also a little yellow caution sign beside networking
> which says “Caution: default DispVM template has a different
> Networking setting than this Qube. Unexpected network access may
> occur!”
>
(see the Advanced tab) has a different Networking setting than this
qube. This configuration may result in unexpected network access. For
example, you may have set this qube's Networking to "none" in order to
prevent any data from being transmitted out. However, if the Default
DisposableVM Template's Networking is set to "sys-firewall," then a
DisposableVM started from this qube may be able to transmit data out,
contrary to your intention. You may wish to set the Default
DisposableVM Template for this qube to one with equally restrictive
Networking settings.
Related issue:
https://github.com/QubesOS/qubes-issues/issues/5115
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAl0fF0EACgkQ203TvDlQ
MDC8qQ//QXiZHafmf8/sDKnnY/BtalQpTwwjPjL8M99cKy2bvVT4UGtkalC1NwN/
aFuv9UIbChqtBCdrtONeDcmDmU7kwhrJGn5BfuFS8MeogrMqvLgIuVbEhfRH7Z/r
jIHw+bMtOXBmhGPBLdbERCtzsT8FeZ06bmM/uZQBX/kgz3Qp5JvHQ2aqPlRkx+zE
uJS97h1UncacpSFGxDNcSGFrclGRCW5qtHkHCfJii3lbulx/QVwRX9M3ZQ+o3Dva
yRu/4oVlswPxPzs6GDrXTSqlrX/iVctHODcvQTHMkEW/19TaXPej2G8zrs5v9el6
kfpJiuOc431ouXEjuk7Mvqd1VRnAAauCso9E9wYrTsXzX53L/2J8q/req7yeQOBb
Zd99yXSz1UyP8xhTpO0tuU4EJ3U9t07mkl5YvicxvUaOIiL3G0/hdoomSGF0pDvB
3LurLPerZK25zwbDf2rP2aZPzUyzA/Rbmttjh1MYmw9K6ka2Mf9srMSM6hu0SA0T
mSrc8uN7qwYPi3mav3/n4/qBAGxrlir2sfW5m1CpdMwubys7tNMQzDQKTfyBWGnd
4eyds3MG4a+CsBpFFMeV4iPDCHF3fpFDLVVEl40VJUs8nXMHoK1lvltZDALmyLQC
vHfERq7K8WFQIobdBIZVIvM8Dqv/kmPAVfA82H21UB/AxQvUvvc=
=LMia
-----END PGP SIGNATURE-----
Chris Laprise
Jul 5, 2019, 10:31:02 AM7/5/19
to Philip Pians, qubes-users
On 7/5/19 2:48 AM, Philip Pians wrote:
>> …Followed instructions, next day start up Qubes, got networking error, opened settings for sys-net, saw under networking it said (none) (current), tried changing it to sys-firewall (default) and got “[Dom0] Error while changing settin (sic) ERROR: Basic tab: Loops in network are unsupported”. Immediately after that the internet connection was disconnected, and it won’t reconnect even by putting networking back to (none) (current). I tried all the different networking options all of them give the same “Loops” error message and nothing. By randomly clicking the firewall tab, it says in red lettering “This qube has no networking – it will not have any network access anyway”. And a popup also says “[Dom0] Qube configuration problem! This qube has networking disabled (Basic -> Networking) network will be disabled. If you want to use firewall please enable networking”.
The sys-net VM should always have its netvm set to (none), because its
>> …Followed instructions, next day start up Qubes, got networking error, opened settings for sys-net, saw under networking it said (none) (current), tried changing it to sys-firewall (default) and got “[Dom0] Error while changing settin (sic) ERROR: Basic tab: Loops in network are unsupported”. Immediately after that the internet connection was disconnected, and it won’t reconnect even by putting networking back to (none) (current). I tried all the different networking options all of them give the same “Loops” error message and nothing. By randomly clicking the firewall tab, it says in red lettering “This qube has no networking – it will not have any network access anyway”. And a popup also says “[Dom0] Qube configuration problem! This qube has networking disabled (Basic -> Networking) network will be disabled. If you want to use firewall please enable networking”.
the one VM that communicates through the hardware and not through
another VM.
Philip Pians
Jul 5, 2019, 9:05:58 PM7/5/19
to qubes-users
Hmm… First install of Qubes had networking error which couldn’t be completely rectified without fresh install. Second install seemed to have worked flawlessly, but if the DisposableVM’s networking setting is not what it should be by default, is it possible my Qubes iso is faulty? The only networking I recall changing is that of sys-net, and the VPN AppVM at time of creating if you count that? Perhaps a third install is needed? Changing sys-net networking back to (none) (current) hasn't helped being able to connect to the net again, so can't even find out if I finally got the VPN setup correctly.
Jon deps
Jul 6, 2019, 1:09:19 AM7/6/19
to qubes...@googlegroups.com
On 7/6/19 1:05 AM, Philip Pians wrote:
> Hmm… First install of Qubes had networking error which couldn’t be completely rectified without fresh install. Second install seemed to have worked flawlessly, but if the DisposableVM’s networking setting is not what it should be by default, is it possible my Qubes iso is faulty? The only networking I recall changing is that of sys-net, and the VPN AppVM at time of creating if you count that? Perhaps a third install is needed? Changing sys-net networking back to (none) (current) hasn't helped being able to connect to the net again, so can't even find out if I finally got the VPN setup correctly.
>
in a dom0 terminal you can do
> Hmm… First install of Qubes had networking error which couldn’t be completely rectified without fresh install. Second install seemed to have worked flawlessly, but if the DisposableVM’s networking setting is not what it should be by default, is it possible my Qubes iso is faulty? The only networking I recall changing is that of sys-net, and the VPN AppVM at time of creating if you count that? Perhaps a third install is needed? Changing sys-net networking back to (none) (current) hasn't helped being able to connect to the net again, so can't even find out if I finally got the VPN setup correctly.
>
$qubes-prefs to see what the default system-wide default_disp_vm is
or you the menus -> global settings
I advise if your concerned just do
$qube-prefs default_dispvm none
then later when you've used qubes for a while you can use the Qubes
Manager Application and go in there and change some qube to the
disposable vm you might want
like for opening pdf files from thunderbird, so you would use your Mail
AppVM (TBAVM) "qube" settings to change to 1 AppVM disposable VM
setting rather than system-wide, then you won't have to see the yellow
triangles :)
Philip Pians
Jul 6, 2019, 4:22:50 AM7/6/19
to qubes-users
Opted for the fresh install as a precaution. After following all the instructions for setting up vpn AppVM, couldn’t figure out how to turn it on, in Linux you just flick a button under vpn and it’s done. Checked website to see what my ip was, shows actual one. Tried troubleshooting tip “systemctl status qubes-vpn-handler” got error “Unit qubes-vpn-handler.service could not be found”.
Is that different than the vpn-handler-openvpn that I had to add in the service tab of the AppVM? If not, why isn’t it found?
Is that different than the vpn-handler-openvpn that I had to add in the service tab of the AppVM? If not, why isn’t it found?
Chris Laprise
Jul 6, 2019, 5:17:39 AM7/6/19
to Philip Pians, qubes-users
On 7/6/19 4:22 AM, Philip Pians wrote:
> Opted for the fresh install as a precaution. After following all the instructions for setting up vpn AppVM, couldn’t figure out how to turn it on, in Linux you just flick a button under vpn and it’s done. Checked website to see what my ip was, shows actual one. Tried troubleshooting tip “systemctl status qubes-vpn-handler” got error “Unit qubes-vpn-handler.service could not be found”.
> Is that different than the vpn-handler-openvpn that I had to add in the service tab of the AppVM? If not, why isn’t it found?
I won't get into service naming conventions here.
> Opted for the fresh install as a precaution. After following all the instructions for setting up vpn AppVM, couldn’t figure out how to turn it on, in Linux you just flick a button under vpn and it’s done. Checked website to see what my ip was, shows actual one. Tried troubleshooting tip “systemctl status qubes-vpn-handler” got error “Unit qubes-vpn-handler.service could not be found”.
> Is that different than the vpn-handler-openvpn that I had to add in the service tab of the AppVM? If not, why isn’t it found?
Instructions say to restart the proxyVM (i.e. the vpn appVM) to start
the connection. That means the connection starts when the proxyVM starts.
The service wasn't found because if you install it directly into a
proxyVM, it is added to the OS on each boot from a system startup script
(that's because you chose not to add it to the OS template). So it won't
be registered or active right after installation; a restart is necessary.
Reply all
Reply to author
Forward
0 new messages