On Thursday, 15 March 2018 12:33:30 UTC+11, Chris Laprise wrote: > On 03/14/2018 08:47 PM, Drew White wrote: > > On Wednesday, 14 March 2018 23:28:58 UTC+11, Chris Laprise wrote: > >> On 03/13/2018 09:53 PM, Drew White wrote: > >>> On Wednesday, 14 March 2018 12:25:12 UTC+11, Chris Laprise wrote: > >>>> On 03/13/2018 08:20 PM, Drew White wrote: > >>>>> On Wednesday, 14 March 2018 11:06:22 UTC+11, Chris Laprise wrote: > >>>>>> The current VPN doc is here: > >>>>>> > >>>>>> https://www.qubes-os.org/doc/vpn/ > >>>>> > >>>>> Thanks for the reply Chris, but that is not what I was looking for as I > >>>>> was wanting to use pptp VPN connections (and similar), not a Qubes VPN. > >>>> > >>>> I think you mean "not an OpenVPN..."? > >>> > >>> I am guessing so, yes, thanks for clarifying. > >>> > >>>> FWIW, the resources at those links are meant to be adaptable for > >>>> non-OpenVPN setups, and they don't impose any particular type of routing > >>>> (other than forbidding access that most call 'leaks'). As for accessing > >>>> the LAN directly through a VPN VM, there are simple ways to make an > >>>> exception for it. > >>> > >>> That's what I don't get. All I want to do is have the VPN connect, > >>> nothing else. So that my AppVM can talk through it to the external. > >> > >> OK, this sounds like you want to connect to a remote LAN. > > > > I thought that is what VPNs are for? > > They can be. Some configs are for remote LANs, others for connecting to > Internet.
It's all remote LAN, just different restrictions on them. > > Well that is their primary intention, to connect from where you are to a > > remote network. > > I should have clarified that in the first place due to many people these > > days connecting to remote networks as a 255.255.255.255 and only doing it > > to connect out to the internet for privacy and security. > > > > I shall endeavor to mention that in the future if it ever arises again. > > > >> > >>>>> > >>>>> I also want to have one where everything that is going to happen on the > >>>>> remote network is pushed through the VPN, and everything else remains > >>>>> using the local connection. > >>>>> > >>>>> So there are 2 ways I'm looking at having it work. > >>>>> > >>>>> But at first, I just want a standard PPTP connection. > >>>> > >>>> There are plenty of guides out there. But when searching for examples > >>>> keep in mind that a Qubes proxyVM behaves much like a router (not a PC > >>>> endpoint) so that may be the best type of guide to use. > >>> > >>> Exactly, and as a router it should connect a VPN. > >>> I used to have it able to do it. So that's why I don't understand why it > >>> isn't working. Since I had it able to do it once before, ages ago, and > >>> nothing has changed since then, and now it isn't working. So it's odd. > >>> Thus I figured maybe something has changed. > >> > >> I want to say "Not much has changed in R3.2 networking", but the Linux > >> distros in the templates have changed somewhat over the years. In any > >> case, you'll need to review your configuration and maybe post setup > >> steps to get specific troubleshooting advice. > > > > I'm still using F23 for it. Perhaps there is something else inside the > > Qubes Networking that has an issue with it after updating for security. > > > > I'll have to just go through settings and try and try and try. Just go from > > one settings to another and trying to connect after altering each setting. > > I suggest moving your settings to F26 (i.e. change the template of your VM). I have F20,21,23,24,26. Normal and Minimal. Typically I have the minimal, then install what I want. But since I can't remove the crap from the template, I have to alter the code in or disable about 60 things before I start, since there are things that are broken that Qubes developers said aren't. > > What else, other than NetworkManager can be used? > > F26 has pptp-setup package. It lets you use shell commands: > http://pptpclient.sourceforge.net/ I have F26 and that did not resolve the issue. At the moment I'm waiting for someone to get pfSense working properly with Qubes, so that I have a decent firewall option as using Fedora or Debian (Debian is better) as a NetVM is just harsh. Due to the fact that it has so much in it that it does't need as a NetVM. Which is why I get the minimal, and then add what I need to create a VM for NetVM/ProxyVM, as we as one for AppVM. Unfortunately, in Qubes you can't remove the standard RPM installed templates. It simply has a hissy fit if you do. But I still manually remove it from the XML as well as delete the files. Means I can't re-install from the RPM though. If you know how to remove it via the RPM method, please let me know. It would be appreciated. > Of course, Qubes proxyVMs have Network Manager disabled by default. There are so many things about the way the systems are going these days that are just wrong it's not funny. They keep thinking newer is better, yet all they have to do is patch what they currently have that works perfectly. If they patch it and cure the issue then it is fixed. Creating a new thing leaves the bug still there and just adds something else that could be another attack surface. Maybe all that is cured in Qubes 4, I have no idea since it doesn't work on my hardware due to their restrictions for the CPU. So all I'm going on is the now abandoned and unsupported Qubes 3.2. If the initial issues are resolved in Qubes 4, would be good to know. But I know that there are many issues that will not be resolved (as far as I am aware) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/598122c0-7caa-420a-9ca0-a4f7a765166d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
