On Tuesday, September 18, 2018 at 10:37:06 AM UTC+2, Wolf moon wrote: > On Saturday, 15 September 2018 04:21:53 UTC+1, Wolf moon wrote: > > Hi guys New to Qubes ( which is an amazing feat of cyber security > > engineering ) all working fine and learning my way around it. > > > > My only issue is logging into my vpn service. > > > > I have followed the Qubes instructions ( which the images are different to > > Qubes 4.0 and after searching the net on this matter someone said that this > > is a shot of the previous Qubes so not helpful there ) I also contacted my > > vpn service on the matter. They read up on the Qubes instructions and > > emailed me back a step by step guide but still no joy. > > > > My vpn service works well on my Raspberry Pi 3 in the command line ( which > > I found simple instructions for elsewhere on the internet ) and works fine > > on my windows 10 system as its got an app interface you download. > > > > Its just Qubes I am having issues with. I am by no means a hardcore techy, > > I am learning and not afraid or unfamiliar using the command line in linux. > > > > I have contacted the Qubes team after trying my best effort to resolve this > > on my own as I know they are a small team of 5 or so last time I checked. > > > > Any help and advice would be greatly appreciated. > > > > Best, > > > > Wolf Moon > > Okay guys so I am signed up to Nordvpn. ( To note: I always update everything > in Qube manager ) > > I started off by google searching how to set up a vpn on qubes. I dont have > every forum page be it google groups or reddit page saved I read > unfortunately. > > But they generally instructed me to do go through the steps to set up a vpn > as Qubes instructs on their page > https://www.qubes-os.org/doc/vpn/#set-up-a-proxyvm-as-a-vpn-gateway-using-networkmanager > > Specifically Set up a ProxyVM as a VPN gateway using iptables and CLI scripts > > What I was referencing referring to the diagram/photo being outdated or of > the old version of Qubes prior to 4.0 was the Dom0 create a new Vm. It just > comes up looking different which is what one of the OPs mentioned on one of > the how to guides I found. > > Moving forward. > > Certain commands didn't work like sudo which after googling one forum posted > in Qubes you dont use sudo much, dnf ( what ever that is ) is used instead > which is what I used. > > I created a Qube named it Nordvpn > Template > Fedora-26 > Networking > > sys-net > Appvm > > From there the rest of the instructions didn't work on Qubes for me. > > Apart from downloading the nord config files successfully which are in my > nordvpn documents folder with all the server addresses as txt files eg > uk648.nordvpn.comtcp443.ovpn > > Also was instructed to download nano reader and a few other things. > > My cd ls in my nordvpn terminal is as follows > > Desktop Music Templates nano.save > Documents Pictures Videos openvpn-client.ovpn.txt > Downloads Public auth-user-pass pass.txt > > ( To note and jumping ahead: following tasket's Reddit page on Qubes vpn set > up instructions I added vpn-handler-openvpn to services in the appvm I named > Nordvpn ) > > So from there comes Nordvpns reply ( they were very helpful before helping me > successfully setting up my vpn link on my Raspberry Pi ) > > I received this email: > > Hello, Adam, > > I have checked your OS documentation and it would be great if you could test > out the following setup: > Disable any auto-starting service that comes with the software package. For > example for OpenVPN. > sudo systemctl disable openvpn.service > You may also wish to install nano or another simple text editor for entering > the scripts below. Now run the following command to create VPN directory: > sudo mkdir /rw/config/vpn > Enter the directory using the following command: > cd > /rw/config/vpn > > Then our website - https://nordvpn.com/servers/#recommended , on the server > picker you will see recommended server number. Then open > https://nordvpn.com/ovpn/ website and download recommended server file. You > can download directly to device and transfer to your VM or use command to > download from the hyperlink: > sudo wget > https://downloads.nordcdn.com/configs/files/ovpn_legacy/servers/us1310.nordvpn.com.udp1194.ovpn > (Change the last line of server name to download the correct file). Then > rename downloaded file to client.ovpn > The VPN client may not be able to prompt you for credentials when connecting > to the server. Create a file in the /rw/config/vpn folder with your > credentials and using a directive. For example for OpenVPN, edit: > auth-user-pass > to: > auth-user-pass pass.txt > > Save file /rw/config/vpn/client.ovpn. Make sure a /rw/config/vpn/pass.txt > file actually exists. > sudo nano /rw/config/vpn/pass.txt > Add: > username > password > Replace username and password with your actual username and password. > Test your client configuration: Run the client from a CLI prompt in the ‘vpn’ > folder, preferably as root. For example: > sudo openvpn --cd /rw/config/vpn --config client.ovpn > Watch for status messages that indicate whether the connection is successful > and test from another VPN VM terminal window with ping. > ping 8.8.8.8 > ping can be aborted by pressing the two keys ctrl + c at the same time. DNS > may be tested at this point by replacing addresses in /etc/resolv.conf with > ones appropriate for your VPN (although this file will not be used when setup > is complete). Diagnose any connection problems using resources such as client > documentation and help from your VPN service provider. Proceed to the next > step when you’re sure the basic VPN connection is working. > > Set up the VPN’s autostart. > sudo nano /rw/config/rc.local > Clear out the existing lines and add: > #!/bin/bash > VPN_CLIENT='openvpn' VPN_OPTIONS='--cd /rw/config/vpn/ --config > openvpn-client.ovpn --daemon' > su - -c 'notify-send "$(hostname): Starting $VPN_CLIENT..." > --icon=network-idle' user > groupadd -rf qvpn ; sleep 2s > sg qvpn -c "$VPN_CLIENT $VPN_OPTIONS" > If you are using anything other than OpenVPN, change the VPN_CLIENT and > VPN_OPTIONS variables to match your VPN software. Save the script. Make it > executable. > sudo chmod +x /rw/config/rc.local > Restart the new VM! The link should then be established automatically with a > popup notification to that effect. > > Let us know how it will go! > > But..starting out I fell over the first hurdle. > > in the Nordvpn terminal I typed in Sudo systemctl disable openvpn.service > > message back: Failed to disable unit: Unit file openvpn.service doesn not > exist. > > That is where I am now. > > Any help and suggestions will be greatly appreciated. > > Best, > > Wolf moon
You cannot disable something that does not exist. Just move on to the next point. Did you enable the "provides network" option while creating your VPN-App? Creating a new VPN-app is looking like that for me, my apps stand for the country: Name: sys-vpn-austria Type: AppVM Template: Debian (or course you can use Fedora, but it should be 28, 26 is outdated!) Networking: default (sys-firewall) provides network: enabled The guide provided seems fine and you could check if the connection works but you should include the other scripts as well in order to make sure that all traffic is going through your vpn only. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8c539f04-f741-43c5-b37c-6f9cf4a53612%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
