In this section:
Set up a ProxyVM as a VPN gateway using iptables and CLI scripts
Where it says this:
Set up and test the VPN client.
Make sure the VPN VM and its template VM are not running.
Run a terminal (CLI) in the VPN VM this will start the VM. Then make a
new ‘vpn’ folder with sudo mkdir /rw/config/vpn and copy your VPN config
files here (the example config filename used here is
openvpn-client.ovpn). Files accompanying the main config such as *.crt
and *.pem should also go here, and should not be referenced in the main
config by absolute paths such as ‘/etc/…’.
Notes about VPN config options: The VPN scripts here are intended to
work with commonly used tun interfaces, whereas tap mode is untested.
Also, the config should route all traffic through your VPN’s interface
after a connection is created; For openvpn the directive for this is
redirect-gateway def1.
----
Lastly, the VPN client may not be able to prompt you for credentials
when connecting to the server: Creating a file in the ‘vpn’ folder with
your credentials and using a directive such as openvpn’s auth-user-pass
<filename> is recommended.
----
It seems like this file needs to be changed to be read-only, for the
appropriate ownership based on the complaints that pop up, when
testing in the terminal before one doesn't notice it later, when not
using the terminal to start the openvpn --config
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/9f8e601e-29b1-635e-1b5e-b65401a332e3%40riseup.net.
For more options, visit https://groups.google.com/d/optout.
