Qubes-Vpn-support not connected. Please help me.
38 views
Skip to first unread message
menol...@gmail.com
Dec 20, 2018, 2:11:23 PM12/20/18
to qubes-users
Hello, I am trying to configure Qubes-vpn-support https://github.com/tasket/Qubes-vpn-support/ , but I can not. Help. What do I need to do to complete the VPN setup? https://github.com/tasket/Qubes-vpn-support/
[user@VPN1 ~]$ systemctl status qubes-vpn-handler
● qubes-vpn-handler.service - VPN Client for Qubes proxyVM
Loaded: loaded (/usr/lib/systemd/system/qubes-vpn-handler.service; enabled; v
Drop-In: /usr/lib/systemd/system/qubes-vpn-handler.service.d
└─00_example.conf
Active: active (running) since Thu 2018-12-20 21:24:36 MSK; 6min ago
Process: 2409 ExecStopPost=/usr/lib/qubes/qubes-vpn-setup --post-stop (code=ex
Process: 2451 ExecStartPost=/usr/lib/qubes/qubes-vpn-setup --post-start (code=
Process: 2416 ExecStartPre=/usr/lib/qubes/qubes-vpn-setup --pre-start (code=ex
Process: 2412 ExecStartPre=/usr/lib/qubes/qubes-vpn-setup --check-firewall (co
Main PID: 2450 (qubes-vpn-setup)
Tasks: 2 (limit: 4915)
CGroup: /system.slice/qubes-vpn-handler.service
├─2450 /bin/sh /usr/lib/qubes/qubes-vpn-setup --start-exec
└─2455 /usr/sbin/openvpn --cd /rw/config/vpn/ --config /tmp/vpn-clien
lines 1-14/14 (END)
========================================================================
[user@VPN1 ~]$ journalctl -u qubes-vpn-handler
-- Logs begin at Tue 2018-12-11 19:45:56 MSK, end at Thu 2018-12-20 21:30:47 MSK. --
Dec 20 20:47:46 VPN1 systemd[1]: Starting VPN Client for Qubes proxyVM...
Dec 20 20:47:46 VPN1 qubes-vpn-setup[1014]: iptables: Bad rule (does a matching rule exist in that chain?).
Dec 20 20:47:48 VPN1 qubes-vpn-setup[1014]: iptables: Bad rule (does a matching rule exist in that chain?).
Dec 20 20:47:50 VPN1 qubes-vpn-setup[1014]: iptables: Bad rule (does a matching rule exist in that chain?).
Dec 20 20:47:50 VPN1 qubes-vpn-setup[1014]: Error: Firewall rule(s) not enabled!
Dec 20 20:47:50 VPN1 systemd[1]: qubes-vpn-handler.service: Control process exited, code=exited status=1
Dec 20 20:47:50 VPN1 systemd[1]: Failed to start VPN Client for Qubes proxyVM.
Dec 20 20:47:50 VPN1 systemd[1]: qubes-vpn-handler.service: Unit entered failed state.
Dec 20 20:47:51 VPN1 qubes-vpn-setup[1207]: STOP-ing network forwarding!
Dec 20 20:47:50 VPN1 systemd[1]: qubes-vpn-handler.service: Failed with result 'exit-code'.
Dec 20 20:48:01 VPN1 systemd[1]: qubes-vpn-handler.service: Service hold-off time over, scheduling restart.
Dec 20 20:48:01 VPN1 systemd[1]: Stopped VPN Client for Qubes proxyVM.
Dec 20 20:48:01 VPN1 systemd[1]: Starting VPN Client for Qubes proxyVM...
Dec 20 20:48:01 VPN1 qubes-vpn-setup[1770]: iptables: Bad rule (does a matching rule exist in that chain?).
Dec 20 20:48:04 VPN1 su[1858]: (to user) root on none
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2086]: START-ing network forwarding!
Dec 20 20:48:10 VPN1 systemd[1]: Started VPN Client for Qubes proxyVM.
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: EXEC /usr/sbin/openvpn --cd /rw/config/vpn/ --config /tmp/vpn-client.conf --verb 3 --mlock --ping 10 --ping-restart 42 --conne
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 OpenVPN 2.4.5 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 library versions: OpenSSL 1.1.0g-fips 2 Nov 2017, LZO 2.08
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 mlockall call succeeded
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 WARNING: you are using user/group/chroot/setcon without persist-tun -- this may cause restarts to fai
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 20 20:48:21 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:21 2018 RESOLVE: Cannot resolve host address: fi.privateinternetaccess.com:1198 (Name or service not known)
Dec 20 20:48:31 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:31 2018 RESOLVE: Cannot resolve host address: fi.privateinternetaccess.com:1198 (Name or service not known)
Dec 20 20:48:52 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:52 2018 RESOLVE: Cannot resolve host address: fi.privateinternetaccess.com:1198 (Name or service not known)
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 RESOLVE: Cannot resolve host address: fi.privateinternetaccess.com:1198 (Name or service not known)
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 Could not determine IPv4/IPv6 protocol
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 SIGUSR1[soft,init_instance] received, process restarting
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 Restart pause, 5 second(s)
lines 1-32
=======================================================
PLEASE HELP ME!!
[user@VPN1 ~]$ systemctl status qubes-vpn-handler
● qubes-vpn-handler.service - VPN Client for Qubes proxyVM
Loaded: loaded (/usr/lib/systemd/system/qubes-vpn-handler.service; enabled; v
Drop-In: /usr/lib/systemd/system/qubes-vpn-handler.service.d
└─00_example.conf
Active: active (running) since Thu 2018-12-20 21:24:36 MSK; 6min ago
Process: 2409 ExecStopPost=/usr/lib/qubes/qubes-vpn-setup --post-stop (code=ex
Process: 2451 ExecStartPost=/usr/lib/qubes/qubes-vpn-setup --post-start (code=
Process: 2416 ExecStartPre=/usr/lib/qubes/qubes-vpn-setup --pre-start (code=ex
Process: 2412 ExecStartPre=/usr/lib/qubes/qubes-vpn-setup --check-firewall (co
Main PID: 2450 (qubes-vpn-setup)
Tasks: 2 (limit: 4915)
CGroup: /system.slice/qubes-vpn-handler.service
├─2450 /bin/sh /usr/lib/qubes/qubes-vpn-setup --start-exec
└─2455 /usr/sbin/openvpn --cd /rw/config/vpn/ --config /tmp/vpn-clien
lines 1-14/14 (END)
========================================================================
[user@VPN1 ~]$ journalctl -u qubes-vpn-handler
-- Logs begin at Tue 2018-12-11 19:45:56 MSK, end at Thu 2018-12-20 21:30:47 MSK. --
Dec 20 20:47:46 VPN1 systemd[1]: Starting VPN Client for Qubes proxyVM...
Dec 20 20:47:46 VPN1 qubes-vpn-setup[1014]: iptables: Bad rule (does a matching rule exist in that chain?).
Dec 20 20:47:48 VPN1 qubes-vpn-setup[1014]: iptables: Bad rule (does a matching rule exist in that chain?).
Dec 20 20:47:50 VPN1 qubes-vpn-setup[1014]: iptables: Bad rule (does a matching rule exist in that chain?).
Dec 20 20:47:50 VPN1 qubes-vpn-setup[1014]: Error: Firewall rule(s) not enabled!
Dec 20 20:47:50 VPN1 systemd[1]: qubes-vpn-handler.service: Control process exited, code=exited status=1
Dec 20 20:47:50 VPN1 systemd[1]: Failed to start VPN Client for Qubes proxyVM.
Dec 20 20:47:50 VPN1 systemd[1]: qubes-vpn-handler.service: Unit entered failed state.
Dec 20 20:47:51 VPN1 qubes-vpn-setup[1207]: STOP-ing network forwarding!
Dec 20 20:47:50 VPN1 systemd[1]: qubes-vpn-handler.service: Failed with result 'exit-code'.
Dec 20 20:48:01 VPN1 systemd[1]: qubes-vpn-handler.service: Service hold-off time over, scheduling restart.
Dec 20 20:48:01 VPN1 systemd[1]: Stopped VPN Client for Qubes proxyVM.
Dec 20 20:48:01 VPN1 systemd[1]: Starting VPN Client for Qubes proxyVM...
Dec 20 20:48:01 VPN1 qubes-vpn-setup[1770]: iptables: Bad rule (does a matching rule exist in that chain?).
Dec 20 20:48:04 VPN1 su[1858]: (to user) root on none
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2086]: START-ing network forwarding!
Dec 20 20:48:10 VPN1 systemd[1]: Started VPN Client for Qubes proxyVM.
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: EXEC /usr/sbin/openvpn --cd /rw/config/vpn/ --config /tmp/vpn-client.conf --verb 3 --mlock --ping 10 --ping-restart 42 --conne
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 OpenVPN 2.4.5 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 library versions: OpenSSL 1.1.0g-fips 2 Nov 2017, LZO 2.08
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 mlockall call succeeded
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 WARNING: you are using user/group/chroot/setcon without persist-tun -- this may cause restarts to fai
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Dec 20 20:48:21 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:21 2018 RESOLVE: Cannot resolve host address: fi.privateinternetaccess.com:1198 (Name or service not known)
Dec 20 20:48:31 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:31 2018 RESOLVE: Cannot resolve host address: fi.privateinternetaccess.com:1198 (Name or service not known)
Dec 20 20:48:52 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:52 2018 RESOLVE: Cannot resolve host address: fi.privateinternetaccess.com:1198 (Name or service not known)
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 RESOLVE: Cannot resolve host address: fi.privateinternetaccess.com:1198 (Name or service not known)
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 Could not determine IPv4/IPv6 protocol
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 SIGUSR1[soft,init_instance] received, process restarting
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 Restart pause, 5 second(s)
lines 1-32
=======================================================
PLEASE HELP ME!!
Chris Laprise
Dec 20, 2018, 2:42:58 PM12/20/18
to menol...@gmail.com, qubes-users
On 12/20/2018 02:11 PM, menol...@gmail.com wrote:
> Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 RESOLVE: Cannot resolve host address: fi.privateinternetaccess.com:1198 (Name or service not known)
That's the problem.
> Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 RESOLVE: Cannot resolve host address: fi.privateinternetaccess.com:1198 (Name or service not known)
Did you test the connection as suggested in Step 2, before running install?
Also, what is the difference between the old style and the new style men?
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
Message has been deleted
Message has been deleted
menol...@gmail.com
Dec 21, 2018, 5:50:17 AM12/21/18
to qubes-users
четверг, 20 декабря 2018 г., 22:42:58 UTC+3 пользователь Chris Laprise написал:
Problem solved. Now there is another problem. Windows VM works fine through sys-firewall and sys-net. Any created upvm does not work through sys-net and sys-firewall. Any created upvm works only through a sys-whonix. sys-whonix works through sys-firewall. Suppose I create a new apm and execute a command in the terminal:
sudo git clone https://github.com/tasket/qubes-vpn-support.git/
After that, the terminal writes to me:
unable to acess 'https://github.com/tasket/qubes-vpn-support.git/': unable to resolve host: github.com
If I switch the connection to sys-whonix, then everything will work.
Friends, you can help me solve this problem. And forgive me for my bad english. Thank!
sudo git clone https://github.com/tasket/qubes-vpn-support.git/
After that, the terminal writes to me:
unable to acess 'https://github.com/tasket/qubes-vpn-support.git/': unable to resolve host: github.com
If I switch the connection to sys-whonix, then everything will work.
Friends, you can help me solve this problem. And forgive me for my bad english. Thank!
Reply all
Reply to author
Forward
0 new messages