On Tue, 18 Sep 2018 10:17:25 -0700 (PDT)
Wolf moon <adam.paton8...@gmail.com> wrote:
>On Tuesday, 18 September 2018 10:46:44 UTC+1, Антон Чехов wrote:
>> On Tuesday, September 18, 2018 at 10:37:06 AM UTC+2, Wolf moon wrote:
>> > On Saturday, 15 September 2018 04:21:53 UTC+1, Wolf moon wrote:
>> > > Hi guys New to Qubes ( which is an amazing feat of cyber security
>> > > engineering ) all working fine and learning my way around it.
>> > >
>> > > My only issue is logging into my vpn service.
>> > >
>> > > I have followed the Qubes instructions ( which the images are different
>> > > to Qubes 4.0 and after searching the net on this matter someone said
>> > > that this is a shot of the previous Qubes so not helpful there ) I also
>> > > contacted my vpn service on the matter. They read up on the Qubes
>> > > instructions and emailed me back a step by step guide but still no joy.
>> > >
>> > > My vpn service works well on my Raspberry Pi 3 in the command line (
>> > > which I found simple instructions for elsewhere on the internet ) and
>> > > works fine on my windows 10 system as its got an app interface you
>> > > download.
>> > >
>> > > Its just Qubes I am having issues with. I am by no means a hardcore
>> > > techy, I am learning and not afraid or unfamiliar using the command line
>> > > in linux.
>> > >
>> > > I have contacted the Qubes team after trying my best effort to resolve
>> > > this on my own as I know they are a small team of 5 or so last time I
>> > > checked.
>> > >
>> > > Any help and advice would be greatly appreciated.
>> > >
>> > > Best,
>> > >
>> > > Wolf Moon
>> >
>> > Okay guys so I am signed up to Nordvpn. ( To note: I always update
>> > everything in Qube manager )
>> >
>> > I started off by google searching how to set up a vpn on qubes. I dont
>> > have every forum page be it google groups or reddit page saved I read
>> > unfortunately.
>> >
>> > But they generally instructed me to do go through the steps to set up a
>> > vpn as Qubes instructs on their page
>> > https://www.qubes-os.org/doc/vpn/#set-up-a-proxyvm-as-a-vpn-gateway-using-networkmanager
>> >
>> > Specifically Set up a ProxyVM as a VPN gateway using iptables and CLI
>> > scripts
>> >
>> > What I was referencing referring to the diagram/photo being outdated or of
>> > the old version of Qubes prior to 4.0 was the Dom0 create a new Vm. It
>> > just comes up looking different which is what one of the OPs mentioned on
>> > one of the how to guides I found.
>> >
>> > Moving forward.
>> >
>> > Certain commands didn't work like sudo which after googling one forum
>> > posted in Qubes you dont use sudo much, dnf ( what ever that is ) is used
>> > instead which is what I used.
>> >
>> > I created a Qube named it Nordvpn > Template > Fedora-26 > Networking >
>> > sys-net
>> > Appvm
>> >
>> > From there the rest of the instructions didn't work on Qubes for me.
>> >
>> > Apart from downloading the nord config files successfully which are in my
>> > nordvpn documents folder with all the server addresses as txt files eg
>> > uk648.nordvpn.comtcp443.ovpn
>> >
>> > Also was instructed to download nano reader and a few other things.
>> >
>> > My cd ls in my nordvpn terminal is as follows
>> >
>> > Desktop Music Templates nano.save
>> > Documents Pictures Videos openvpn-client.ovpn.txt
>> > Downloads Public auth-user-pass pass.txt
>> >
>> > ( To note and jumping ahead: following tasket's Reddit page on Qubes vpn
>> > set up instructions I added vpn-handler-openvpn to services in the appvm I
>> > named Nordvpn )
>> >
>> > So from there comes Nordvpns reply ( they were very helpful before helping
>> > me successfully setting up my vpn link on my Raspberry Pi )
>> >
>> > I received this email:
>> >
>> > Hello, Adam,
>> >
>> > I have checked your OS documentation and it would be great if you could
>> > test out the following setup:
>> > Disable any auto-starting service that comes with the software package.
>> > For example for OpenVPN.
>> > sudo systemctl disable openvpn.service
>> > You may also wish to install nano or another simple text editor for
>> > entering the scripts below. Now run the following command to create VPN
>> > directory:
>> > sudo mkdir /rw/config/vpn
>> > Enter the directory using the following command:
>> > cd
>> > /rw/config/vpn
>> >
>> > Then our website - https://nordvpn.com/servers/#recommended , on the
>> > server picker you will see recommended server number. Then open
>> > https://nordvpn.com/ovpn/ website and download recommended server file.
>> > You can download directly to device and transfer to your VM or use command
>> > to download from the hyperlink:
>> > sudo wget
>> > https://downloads.nordcdn.com/configs/files/ovpn_legacy/servers/us1310.nordvpn.com.udp1194.ovpn
>> > (Change the last line of server name to download the correct file). Then
>> > rename downloaded file to client.ovpn
>> > The VPN client may not be able to prompt you for credentials when
>> > connecting to the server. Create a file in the /rw/config/vpn folder with
>> > your credentials and using a directive. For example for OpenVPN, edit:
>> > auth-user-pass
>> > to:
>> > auth-user-pass pass.txt
>> >
>> > Save file /rw/config/vpn/client.ovpn. Make sure a /rw/config/vpn/pass.txt
>> > file actually exists.
>> > sudo nano /rw/config/vpn/pass.txt
>> > Add:
>> > username
>> > password
>> > Replace username and password with your actual username and password.
>> > Test your client configuration: Run the client from a CLI prompt in the
>> > ‘vpn’ folder, preferably as root. For example:
>> > sudo openvpn --cd /rw/config/vpn --config client.ovpn
>> > Watch for status messages that indicate whether the connection is
>> > successful and test from another VPN VM terminal window with ping.
>> > ping 8.8.8.8
>> > ping can be aborted by pressing the two keys ctrl + c at the same time.
>> > DNS may be tested at this point by replacing addresses in /etc/resolv.conf
>> > with ones appropriate for your VPN (although this file will not be used
>> > when setup is complete). Diagnose any connection problems using resources
>> > such as client documentation and help from your VPN service provider.
>> > Proceed to the next step when you’re sure the basic VPN connection is
>> > working.
>> >
>> > Set up the VPN’s autostart.
>> > sudo nano /rw/config/rc.local
>> > Clear out the existing lines and add:
>> > #!/bin/bash
>> > VPN_CLIENT='openvpn' VPN_OPTIONS='--cd /rw/config/vpn/ --config
>> > openvpn-client.ovpn --daemon'
>> > su - -c 'notify-send "$(hostname): Starting $VPN_CLIENT..."
>> > --icon=network-idle' user
>> > groupadd -rf qvpn ; sleep 2s
>> > sg qvpn -c "$VPN_CLIENT $VPN_OPTIONS"
>> > If you are using anything other than OpenVPN, change the VPN_CLIENT and
>> > VPN_OPTIONS variables to match your VPN software. Save the script. Make it
>> > executable.
>> > sudo chmod +x /rw/config/rc.local
>> > Restart the new VM! The link should then be established automatically with
>> > a popup notification to that effect.
>> >
>> > Let us know how it will go!
>> >
>> > But..starting out I fell over the first hurdle.
>> >
>> > in the Nordvpn terminal I typed in Sudo systemctl disable openvpn.service
>> >
>> > message back: Failed to disable unit: Unit file openvpn.service doesn not
>> > exist.
>> >
>> > That is where I am now.
>> >
>> > Any help and suggestions will be greatly appreciated.
>> >
>> > Best,
>> >
>> > Wolf moon
>>
>> You cannot disable something that does not exist. Just move on to the next
>> point. Did you enable the "provides network" option while creating your
>> VPN-App?
>>
>> Creating a new VPN-app is looking like that for me, my apps stand for the
>> country:
>>
>> Name: sys-vpn-austria
>> Type: AppVM
>> Template: Debian (or course you can use Fedora, but it should be 28, 26 is
>> outdated!)
>> Networking: default (sys-firewall)
>> provides network: enabled
>>
>> The guide provided seems fine and you could check if the connection works
>> but you should include the other scripts as well in order to make sure that
>> all traffic is going through your vpn only
>
>I have just found the command to update to fedora 28 via dom 0 on kushal das
>website
>
>sudo qubes-dom0-update qubes-template-fedora-28
>
>Updating now
>
What that does is install the fedora-28 template. You can do that. I did.
First I upgraded the fedora-26 template to 27 then 28 then I decided to redo
with the clean 28 template.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/20180918153138.0760e479%40gmail.com.
For more options, visit https://groups.google.com/d/optout.
