upgrading to fed 30 min for vpn proxy?
82 views
Skip to first unread message
Stumpy
Jun 1, 2019, 1:46:52 PM6/1/19
to Qubes users
I upgraded to v30 fedora minimal, installed all the packages I installed
on v28, and tried using the vpn vm but nada, its acting like its not
even there? the vpn appvm has not been changed, same configuration, and
as far as i can tell the same packages installed in the new template as
the old template but when I try to use an appvm that uses the vpn vm as
a net-sys and check (ifconfig.co) it shows me the same thing as if i
wasnt using the vpn at all?
When set my vpn appvm to use the old fed 28 min template it goes back to
working fine...
ideas?
on v28, and tried using the vpn vm but nada, its acting like its not
even there? the vpn appvm has not been changed, same configuration, and
as far as i can tell the same packages installed in the new template as
the old template but when I try to use an appvm that uses the vpn vm as
a net-sys and check (ifconfig.co) it shows me the same thing as if i
wasnt using the vpn at all?
When set my vpn appvm to use the old fed 28 min template it goes back to
working fine...
ideas?
Chris Laprise
Jun 2, 2019, 1:09:13 AM6/2/19
to stu...@posteo.net, Qubes users
now. I think its happening on fedora-29/30 and debian-10.
There is a difference in systemd that requires a different startup
approach. But also, there is a bug in notify-send that causes it to hang
for a while, which causes the vpn scripts to hang for the same period.
Current workaround is to run it with debian-9.
Issue:
https://github.com/tasket/Qubes-vpn-support/issues/39
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
Stumpy
Jul 20, 2019, 10:13:58 AM7/20/19
to Chris Laprise, Qubes users
On 6/2/19 1:09 AM, Chris Laprise wrote:
> On 6/1/19 1:46 PM, Stumpy wrote:
>> I upgraded to v30 fedora minimal, installed all the packages I
>> installed on v28, and tried using the vpn vm but nada, its acting like
>> its not even there? the vpn appvm has not been changed, same
>> configuration, and as far as i can tell the same packages installed in
>> the new template as the old template but when I try to use an appvm
>> that uses the vpn vm as a net-sys and check (ifconfig.co) it shows me
>> the same thing as if i wasnt using the vpn at all?
>>
>> When set my vpn appvm to use the old fed 28 min template it goes back
>> to working fine...
>
> If you're using qubes-vpn-support or qubes-tunnel, I'm looking into it
> now. I think its happening on fedora-29/30 and debian-10.
>
> There is a difference in systemd that requires a different startup
> approach. But also, there is a bug in notify-send that causes it to hang
> for a while, which causes the vpn scripts to hang for the same period.
>
> Current workaround is to run it with debian-9.
>
> Issue:
> https://github.com/tasket/Qubes-vpn-support/issues/39
>
I checked the issue on github and got the impression that with the most
> On 6/1/19 1:46 PM, Stumpy wrote:
>> I upgraded to v30 fedora minimal, installed all the packages I
>> installed on v28, and tried using the vpn vm but nada, its acting like
>> its not even there? the vpn appvm has not been changed, same
>> configuration, and as far as i can tell the same packages installed in
>> the new template as the old template but when I try to use an appvm
>> that uses the vpn vm as a net-sys and check (ifconfig.co) it shows me
>> the same thing as if i wasnt using the vpn at all?
>>
>> When set my vpn appvm to use the old fed 28 min template it goes back
>> to working fine...
>
> If you're using qubes-vpn-support or qubes-tunnel, I'm looking into it
> now. I think its happening on fedora-29/30 and debian-10.
>
> There is a difference in systemd that requires a different startup
> approach. But also, there is a bug in notify-send that causes it to hang
> for a while, which causes the vpn scripts to hang for the same period.
>
> Current workaround is to run it with debian-9.
>
> Issue:
> https://github.com/tasket/Qubes-vpn-support/issues/39
>
recent fed30 minimal update the problem is fixed but i just double
checked that my fed 30 min template is up to date and has the right
packages, then tried using an appvm with my vpn vm (while it was using
the fed 30 min template) and no go, on ifconfig.co it shows up the same
way as using n vpn at all.
This mgiht be a silly question but do i need to make changes to my vpn vm?
Chris Laprise
Jul 20, 2019, 11:43:25 AM7/20/19
to stu...@posteo.net, Qubes users
traffic would be blocked by both the firewall and the forwarding switch.
You should have the latest Qubes-vpn-support version installed and look
at the log messages in the VPN VM with 'journalctl -u
qubes-vpn-handler'. Looking at the nat table would also be a good idea:
'iptables -L -v -t nat' to see if PR-QBS has the right DNS numbers.
Chris Laprise
Jul 23, 2019, 4:42:30 PM7/23/19
to stu...@posteo.net, Qubes users
On 7/20/19 11:43 AM, Chris Laprise wrote:
> It sounds like it isn't installed or configured at all. If it was,
> traffic would be blocked by both the firewall and the forwarding switch.
>
> You should have the latest Qubes-vpn-support version installed and look
> at the log messages in the VPN VM with 'journalctl -u
> qubes-vpn-handler'. Looking at the nat table would also be a good idea:
> 'iptables -L -v -t nat' to see if PR-QBS has the right DNS numbers.
Hi, did installing the current version get your VPN connection working?
> It sounds like it isn't installed or configured at all. If it was,
> traffic would be blocked by both the firewall and the forwarding switch.
>
> You should have the latest Qubes-vpn-support version installed and look
> at the log messages in the VPN VM with 'journalctl -u
> qubes-vpn-handler'. Looking at the nat table would also be a good idea:
> 'iptables -L -v -t nat' to see if PR-QBS has the right DNS numbers.
Reply all
Reply to author
Forward
0 new messages