Hello, I am trying to configure Qubes-vpn-support
https://github.com/tasket/Qubes-vpn-support/ , but I can not. Help. What do I
need to do to complete the VPN setup?
https://github.com/tasket/Qubes-vpn-support/
[user@VPN1 ~]$ systemctl status qubes-vpn-handler
● qubes-vpn-handler.service - VPN Client for Qubes proxyVM
Loaded: loaded (/usr/lib/systemd/system/qubes-vpn-handler.service; enabled; v
Drop-In: /usr/lib/systemd/system/qubes-vpn-handler.service.d
└─00_example.conf
Active: active (running) since Thu 2018-12-20 21:24:36 MSK; 6min ago
Process: 2409 ExecStopPost=/usr/lib/qubes/qubes-vpn-setup --post-stop (code=ex
Process: 2451 ExecStartPost=/usr/lib/qubes/qubes-vpn-setup --post-start (code=
Process: 2416 ExecStartPre=/usr/lib/qubes/qubes-vpn-setup --pre-start (code=ex
Process: 2412 ExecStartPre=/usr/lib/qubes/qubes-vpn-setup --check-firewall (co
Main PID: 2450 (qubes-vpn-setup)
Tasks: 2 (limit: 4915)
CGroup: /system.slice/qubes-vpn-handler.service
├─2450 /bin/sh /usr/lib/qubes/qubes-vpn-setup --start-exec
└─2455 /usr/sbin/openvpn --cd /rw/config/vpn/ --config /tmp/vpn-clien
lines 1-14/14 (END)
========================================================================
[user@VPN1 ~]$ journalctl -u qubes-vpn-handler
-- Logs begin at Tue 2018-12-11 19:45:56 MSK, end at Thu 2018-12-20 21:30:47
MSK. --
Dec 20 20:47:46 VPN1 systemd[1]: Starting VPN Client for Qubes proxyVM...
Dec 20 20:47:46 VPN1 qubes-vpn-setup[1014]: iptables: Bad rule (does a matching
rule exist in that chain?).
Dec 20 20:47:48 VPN1 qubes-vpn-setup[1014]: iptables: Bad rule (does a matching
rule exist in that chain?).
Dec 20 20:47:50 VPN1 qubes-vpn-setup[1014]: iptables: Bad rule (does a matching
rule exist in that chain?).
Dec 20 20:47:50 VPN1 qubes-vpn-setup[1014]: Error: Firewall rule(s) not enabled!
Dec 20 20:47:50 VPN1 systemd[1]: qubes-vpn-handler.service: Control process
exited, code=exited status=1
Dec 20 20:47:50 VPN1 systemd[1]: Failed to start VPN Client for Qubes proxyVM.
Dec 20 20:47:50 VPN1 systemd[1]: qubes-vpn-handler.service: Unit entered failed
state.
Dec 20 20:47:51 VPN1 qubes-vpn-setup[1207]: STOP-ing network forwarding!
Dec 20 20:47:50 VPN1 systemd[1]: qubes-vpn-handler.service: Failed with result
'exit-code'.
Dec 20 20:48:01 VPN1 systemd[1]: qubes-vpn-handler.service: Service hold-off
time over, scheduling restart.
Dec 20 20:48:01 VPN1 systemd[1]: Stopped VPN Client for Qubes proxyVM.
Dec 20 20:48:01 VPN1 systemd[1]: Starting VPN Client for Qubes proxyVM...
Dec 20 20:48:01 VPN1 qubes-vpn-setup[1770]: iptables: Bad rule (does a matching
rule exist in that chain?).
Dec 20 20:48:04 VPN1 su[1858]: (to user) root on none
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2086]: START-ing network forwarding!
Dec 20 20:48:10 VPN1 systemd[1]: Started VPN Client for Qubes proxyVM.
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: EXEC /usr/sbin/openvpn --cd
/rw/config/vpn/ --config /tmp/vpn-client.conf --verb 3 --mlock --ping 10
--ping-restart 42 --conne
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 OpenVPN
2.4.5 x86_64-redhat-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11]
[MH/PKTINFO] [AEAD
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 library
versions: OpenSSL 1.1.0g-fips 2 Nov 2017, LZO 2.08
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 mlockall
call succeeded
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 WARNING:
you are using user/group/chroot/setcon without persist-tun -- this may cause
restarts to fai
Dec 20 20:48:10 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:10 2018 NOTE: the
current --script-security setting may allow this configuration to call
user-defined scripts
Dec 20 20:48:21 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:21 2018 RESOLVE:
Cannot resolve host address: fi.privateinternetaccess.com:1198 (Name or service
not known)
Dec 20 20:48:31 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:31 2018 RESOLVE:
Cannot resolve host address: fi.privateinternetaccess.com:1198 (Name or service
not known)
Dec 20 20:48:52 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:48:52 2018 RESOLVE:
Cannot resolve host address: fi.privateinternetaccess.com:1198 (Name or service
not known)
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 RESOLVE:
Cannot resolve host address: fi.privateinternetaccess.com:1198 (Name or service
not known)
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 Could not
determine IPv4/IPv6 protocol
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 NOTE:
UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018
SIGUSR1[soft,init_instance] received, process restarting
Dec 20 20:49:08 VPN1 qubes-vpn-setup[2085]: Thu Dec 20 20:49:08 2018 Restart
pause, 5 second(s)
lines 1-32
=======================================================
PLEASE HELP ME!!
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/6086521f-31f6-45aa-85f7-e04989b8a0e5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
