Re: [qubes-users] Re: ANN: Qubes-vpn-support v1.4.1 released!
On 7/4/19 1:51 PM, Jon deps wrote: On 6/20/19 8:00 PM, Chris Laprise wrote: Version 1.4.1 of Qubes-vpn-support has been released. It includes tweaks for smoother operation, greater control over the firewall, and revised docs in the Readme: https://github.com/tasket/Qubes-vpn-support Features Provides a fail closed, antileak VPN tunnel environment Isolates the tunnel client within a dedicated Proxy VM Prevents configuration errors Separate firewall VM not required Easy setup Simple install script; No file editing or IP numbers necessary Lets you 'drop in' configuration files from VPN service provider Flexible installation into template or to individual ProxyVMs New in this version, v1.4.1 Qubes 4.0.1 support Control over specific firewall restrictions Better compatibility with MTU fragmentation detection New in v1.4.0 Anti-leak for IPv6 All DNS requests forced to chosen VPN DNS Firewall integrity checked before connecting Quicker re-connection Supports passwordless cert authentication * Also note that Qubes 3.x is no longer detected or supported. * Updating to the new version is simple and described in the 'Quickstart' guide. * For users of qubes-tunnel (twin vpn project), an equivalent update is forthcoming in the next week. However, if you wish to switch to Qubes-vpn-support now, you can install it without issues for a new VPN VM. Which Debian-9 packages besides openvpn need to be installed in the Template for QVS to work ? Only openvpn. I'm finding that sudo apt-get install openvpn isn't enough on the default Deb-9 Template just installed, and copying over backed up AppVMs from another machine. It does worked with another Debian-9 template copied over from the other machine but I'd like to use the fresh installed Deb-9 on the new machine instead. am finding that bash ./install is just returning empty if it's installed already . would that be normal ? It should only do that if you omit 'sudo'. - Also. I just posted a bug fix. VPN passwords with special symbols like '\' were not being saved correctly, preventing successful connection in that case. The updated code should save any combination of ASCII symbols correctly now. -- Chris Laprise, tas...@posteo.net https://github.com/tasket https://twitter.com/ttaskett PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/4022be3f-28f0-e0ea-6a2a-db101b3f79ce%40posteo.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: ANN: Qubes-vpn-support v1.4.1 released!
On 6/20/19 8:00 PM, Chris Laprise wrote: Version 1.4.1 of Qubes-vpn-support has been released. It includes tweaks for smoother operation, greater control over the firewall, and revised docs in the Readme: https://github.com/tasket/Qubes-vpn-support Features Provides a fail closed, antileak VPN tunnel environment Isolates the tunnel client within a dedicated Proxy VM Prevents configuration errors Separate firewall VM not required Easy setup Simple install script; No file editing or IP numbers necessary Lets you 'drop in' configuration files from VPN service provider Flexible installation into template or to individual ProxyVMs New in this version, v1.4.1 Qubes 4.0.1 support Control over specific firewall restrictions Better compatibility with MTU fragmentation detection New in v1.4.0 Anti-leak for IPv6 All DNS requests forced to chosen VPN DNS Firewall integrity checked before connecting Quicker re-connection Supports passwordless cert authentication * Also note that Qubes 3.x is no longer detected or supported. * Updating to the new version is simple and described in the 'Quickstart' guide. * For users of qubes-tunnel (twin vpn project), an equivalent update is forthcoming in the next week. However, if you wish to switch to Qubes-vpn-support now, you can install it without issues for a new VPN VM. Which Debian-9 packages besides openvpn need to be installed in the Template for QVS to work ? I'm finding that sudo apt-get install openvpn isn't enough on the default Deb-9 Template just installed, and copying over backed up AppVMs from another machine. It does worked with another Debian-9 template copied over from the other machine but I'd like to use the fresh installed Deb-9 on the new machine instead. am finding that bash ./install is just returning empty if it's installed already . would that be normal ? Regards -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8ce0f84d-f250-4ed3-693c-25a48a5c117c%40riseup.net. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: ANN: Qubes-vpn-support v1.4.1 released!
On 6/21/19 8:39 AM, Anhangá wrote: Can it be used in a VMProxy to estabilish a tunnel like AppVm -> Tor -> VMProxy(VPN) -> Internet? Yes, it is the same idea. I tried the qubes documentation to create a VMProxy through CLI and iptable, it worked to estabilish connection with openVPN in the VMProxy. I set the NetVM as VMProxy in my anon-whonixVM, but for some reason, it bypass the VMProxy and uses only the Tor Network. Putting VMProxy between whonix and Internet means your apps will appear to be simply using Tor. Its only when examining your local net traffic that you can see Tor is carried inside the VPN tunnel (no Tor packets visible to your ISP). -- Chris Laprise, tas...@posteo.net https://github.com/tasket https://twitter.com/ttaskett PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e1081312-203e-4a2e-2fe4-54441e8ca533%40posteo.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: ANN: Qubes-vpn-support v1.4.1 released!
On 6/21/19 11:27 PM, Jon deps wrote: On 6/20/19 8:00 PM, Chris Laprise wrote: Version 1.4.1 of Qubes-vpn-support has been released. It includes tweaks for smoother operation, greater control over the firewall, and revised docs in the Readme: https://github.com/tasket/Qubes-vpn-support Features Provides a fail closed, antileak VPN tunnel environment Isolates the tunnel client within a dedicated Proxy VM Prevents configuration errors Separate firewall VM not required Easy setup Simple install script; No file editing or IP numbers necessary Lets you 'drop in' configuration files from VPN service provider Flexible installation into template or to individual ProxyVMs New in this version, v1.4.1 Qubes 4.0.1 support Control over specific firewall restrictions Better compatibility with MTU fragmentation detection New in v1.4.0 Anti-leak for IPv6 All DNS requests forced to chosen VPN DNS Firewall integrity checked before connecting Quicker re-connection Supports passwordless cert authentication * Also note that Qubes 3.x is no longer detected or supported. * Updating to the new version is simple and described in the 'Quickstart' guide. * For users of qubes-tunnel (twin vpn project), an equivalent update is forthcoming in the next week. However, if you wish to switch to Qubes-vpn-support now, you can install it without issues for a new VPN VM. Updating, and the Template used for the ProxyAppVM being Debian-9 I am repeatedly getting the corner pop-up box "Ready to Start Link" and using it as the netvm there is no networking hmm maybe disregard seems to have magically fixed itself -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/599d66c8-ecdd-e26c-2732-021ac49850a6%40riseup.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: ANN: Qubes-vpn-support v1.4.1 released!
On 6/20/19 8:00 PM, Chris Laprise wrote: Version 1.4.1 of Qubes-vpn-support has been released. It includes tweaks for smoother operation, greater control over the firewall, and revised docs in the Readme: https://github.com/tasket/Qubes-vpn-support Features Provides a fail closed, antileak VPN tunnel environment Isolates the tunnel client within a dedicated Proxy VM Prevents configuration errors Separate firewall VM not required Easy setup Simple install script; No file editing or IP numbers necessary Lets you 'drop in' configuration files from VPN service provider Flexible installation into template or to individual ProxyVMs New in this version, v1.4.1 Qubes 4.0.1 support Control over specific firewall restrictions Better compatibility with MTU fragmentation detection New in v1.4.0 Anti-leak for IPv6 All DNS requests forced to chosen VPN DNS Firewall integrity checked before connecting Quicker re-connection Supports passwordless cert authentication * Also note that Qubes 3.x is no longer detected or supported. * Updating to the new version is simple and described in the 'Quickstart' guide. * For users of qubes-tunnel (twin vpn project), an equivalent update is forthcoming in the next week. However, if you wish to switch to Qubes-vpn-support now, you can install it without issues for a new VPN VM. Updating, and the Template used for the ProxyAppVM being Debian-9I am repeatedly getting the corner pop-up box "Ready to Start Link" and using it as the netvm there is no networking -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d7987bab-b86d-c14d-58b9-462ecb28af7d%40riseup.net. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: ANN: Qubes-vpn-support v1.4.1 released!
Can it be used in a VMProxy to estabilish a tunnel like AppVm -> Tor -> VMProxy(VPN) -> Internet? I tried the qubes documentation to create a VMProxy through CLI and iptable, it worked to estabilish connection with openVPN in the VMProxy. I set the NetVM as VMProxy in my anon-whonixVM, but for some reason, it bypass the VMProxy and uses only the Tor Network. Em quinta-feira, 20 de junho de 2019 17:00:22 UTC-3, Chris Laprise escreveu: > Version 1.4.1 of Qubes-vpn-support has been released. It includes tweaks > for smoother operation, greater control over the firewall, and revised > docs in the Readme: > > https://github.com/tasket/Qubes-vpn-support > > Features > > Provides a fail closed, antileak VPN tunnel environment > Isolates the tunnel client within a dedicated Proxy VM > Prevents configuration errors > Separate firewall VM not required > > Easy setup > > Simple install script; No file editing or IP numbers necessary > Lets you 'drop in' configuration files from VPN service provider > Flexible installation into template or to individual ProxyVMs > > New in this version, v1.4.1 > > Qubes 4.0.1 support > Control over specific firewall restrictions > Better compatibility with MTU fragmentation detection > > New in v1.4.0 > > Anti-leak for IPv6 > All DNS requests forced to chosen VPN DNS > Firewall integrity checked before connecting > Quicker re-connection > Supports passwordless cert authentication > > > * Also note that Qubes 3.x is no longer detected or supported. > > * Updating to the new version is simple and described in the > 'Quickstart' guide. > > * For users of qubes-tunnel (twin vpn project), an equivalent update is > forthcoming in the next week. However, if you wish to switch to > Qubes-vpn-support now, you can install it without issues for a new VPN VM. > > -- > > Chris Laprise, tas...@posteo.net > https://github.com/tasket > https://twitter.com/ttaskett > PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/8da2326b-13d0-45c9-8f7d-6203e65a6ffe%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.