Re: [qubes-users] Qubes 4.0 and Private Internet Access? Tasket VPN solution...

Fri, 06 Apr 2018 07:29:15 -0700 

On 04/06/2018 09:08 AM, vel...@tutamail.com wrote:

Thanks Chris...again thank you for the effort! This tool is great...

Does it matter that Private internet access provides 3 seperate files (key, 
cert and client config)?
Yes it matters. You should put all of them in the /rw/config/vpn folder or the config won't work. 



I have the proxy AppVM set up with "provides network"(proxy) checked, I have 
tried a setup in proxy only and a setup in Template/Proxy, PVH(tried PV...similar to 
3.2)...I don't think it is the setup as much as the configuration of the template?


No need to mess with virt type... default PVH is fine.



I installed GNOME and Openvpn (Using those names specifically) in Debian, no 
additional packages installed in stock fedora...

I feel like I am missing a very basic command or tweak, whonix works, wireless 
works, sys-firewall works...any help would be appreciated. It seems something 
releated to PIA VPN configuration or VPN-handler-openvpn
I'm using Debian 9 also and just did a test with PIA. On my system the service fails initially then restarts 10sec later because the firewall rules take time to set up. It works fine this way. If you want to avoid the initial failure and restart, add a 2sec delay "sleep 2s" in rc.local just before the first systemctl command; it will start quicker. 



Here are my logs/commands from your suggestions:


root@sys-VPNb5:/home/user# ls -l /rw/config/qubes-firewall.d
total 0
lrwxrwxrwx 1 root root 38 Apr  5 13:16 90_tunnel-restrict -> 
/usr/lib/qubes/proxy-firewall-restrict


root@sys-VPNb5:/home/user# iptables -v -L FORWARD
The iptables and qubes-firewall.d look correct. But the logs you added look garbled. Can you capture the following and attach it to a reply in tar format..? 

 sudo journalctl -u qubes-vpn-handler >qvpn.log
 tar -czf qvpnlog.tgz qvpn.log
 qvm-copy qvpnlog.tgz

--

Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/40ff2572-ed6c-e076-41e6-fa3209b83c63%40posteo.net.
For more options, visit https://groups.google.com/d/optout.

Reply via email to