On Saturday, 15 September 2018 04:21:53 UTC+1, Wolf moon wrote:
Okay guys so I am signed up to Nordvpn. ( To note: I always update everything in Qube manager )
I started off by google searching how to set up a vpn on qubes. I dont have every forum page be it google groups or reddit page saved I read unfortunately.
But they generally instructed me to do go through the steps to set up a vpn as Qubes instructs on their page
https://www.qubes-os.org/doc/vpn/#set-up-a-proxyvm-as-a-vpn-gateway-using-networkmanager
Specifically Set up a ProxyVM as a VPN gateway using iptables and CLI scripts
What I was referencing referring to the diagram/photo being outdated or of the old version of Qubes prior to 4.0 was the Dom0 create a new Vm. It just comes up looking different which is what one of the OPs mentioned on one of the how to guides I found.
Moving forward.
Certain commands didn't work like sudo which after googling one forum posted in Qubes you dont use sudo much, dnf ( what ever that is ) is used instead which is what I used.
I created a Qube named it Nordvpn > Template > Fedora-26 > Networking > sys-net
Appvm
From there the rest of the instructions didn't work on Qubes for me.
Apart from downloading the nord config files successfully which are in my nordvpn documents folder with all the server addresses as txt files eg uk648.nordvpn.comtcp443.ovpn
Also was instructed to download nano reader and a few other things.
My cd ls in my nordvpn terminal is as follows
Desktop Music Templates nano.save
Documents Pictures Videos openvpn-client.ovpn.txt
Downloads Public auth-user-pass pass.txt
( To note and jumping ahead: following tasket's Reddit page on Qubes vpn set up instructions I added vpn-handler-openvpn to services in the appvm I named Nordvpn )
So from there comes Nordvpns reply ( they were very helpful before helping me successfully setting up my vpn link on my Raspberry Pi )
I received this email:
Hello, Adam,
I have checked your OS documentation and it would be great if you could test out the following setup:
Disable any auto-starting service that comes with the software package. For example for OpenVPN.
sudo systemctl disable openvpn.service
You may also wish to install nano or another simple text editor for entering the scripts below. Now run the following command to create VPN directory:
sudo mkdir /rw/config/vpn
Enter the directory using the following command:
cd
/rw/config/vpn
Then our website -
https://nordvpn.com/servers/#recommended , on the server picker you will see recommended server number. Then open
https://nordvpn.com/ovpn/ website and download recommended server file. You can download directly to device and transfer to your VM or use command to download from the hyperlink:
sudo wget
https://downloads.nordcdn.com/configs/files/ovpn_legacy/servers/us1310.nordvpn.com.udp1194.ovpn
(Change the last line of server name to download the correct file). Then rename downloaded file to client.ovpn
The VPN client may not be able to prompt you for credentials when connecting to the server. Create a file in the /rw/config/vpn folder with your credentials and using a directive. For example for OpenVPN, edit:
auth-user-pass
to:
auth-user-pass pass.txt
Save file /rw/config/vpn/client.ovpn. Make sure a /rw/config/vpn/pass.txt file actually exists.
sudo nano /rw/config/vpn/pass.txt
Add:
username
password
Replace username and password with your actual username and password.
Test your client configuration: Run the client from a CLI prompt in the ‘vpn’ folder, preferably as root. For example:
sudo openvpn --cd /rw/config/vpn --config client.ovpn
Watch for status messages that indicate whether the connection is successful and test from another VPN VM terminal window with ping.
ping 8.8.8.8
ping can be aborted by pressing the two keys ctrl + c at the same time. DNS may be tested at this point by replacing addresses in /etc/resolv.conf with ones appropriate for your VPN (although this file will not be used when setup is complete). Diagnose any connection problems using resources such as client documentation and help from your VPN service provider. Proceed to the next step when you’re sure the basic VPN connection is working.
Set up the VPN’s autostart.
sudo nano /rw/config/rc.local
Clear out the existing lines and add:
#!/bin/bash
VPN_CLIENT='openvpn' VPN_OPTIONS='--cd /rw/config/vpn/ --config openvpn-client.ovpn --daemon'
su - -c 'notify-send "$(hostname): Starting $VPN_CLIENT..." --icon=network-idle' user
groupadd -rf qvpn ; sleep 2s
sg qvpn -c "$VPN_CLIENT $VPN_OPTIONS"
If you are using anything other than OpenVPN, change the VPN_CLIENT and VPN_OPTIONS variables to match your VPN software. Save the script. Make it executable.
sudo chmod +x /rw/config/rc.local
Restart the new VM! The link should then be established automatically with a popup notification to that effect.
Let us know how it will go!
But..starting out I fell over the first hurdle.
in the Nordvpn terminal I typed in Sudo systemctl disable openvpn.service
message back: Failed to disable unit: Unit file openvpn.service doesn not exist.
That is where I am now.
Any help and suggestions will be greatly appreciated.
Best,
Wolf moon