Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2024-10-01 01:25:40 -04:00
Code Issues Packages Projects Releases Wiki Activity

Update vpn.md

Browse Source 
#1052 fixed :)
This commit is contained in:
Zrubi 2016-01-22 11:23:37 +01:00
parent f802c0366e
commit 4467858bc6
1 changed files with 7 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
privacy/vpn.md
View File

@ -11,7 +11,7 @@ redirect_from:
How To make a VPN Gateway in Qubes
----------------------------------
The simplest case if you set up a VPN connection using the Network Manager inside one of your VMs. Setting up such a connection is really not Qubes specific and it is documented in Your operating system documentation. If you using the Qubes default Guest OS (Fedora): [Establishing a VPN Connection](http://docs.fedoraproject.org/en-US/Fedora/18/html/System_Administrators_Guide/sec-Establishing_a_VPN_Connection.html)
The simplest case if you set up a VPN connection using the Network Manager inside one of your VMs. Setting up such a connection is really not Qubes specific and it is documented in Your operating system documentation. If you using the Qubes default Guest OS (Fedora): [Establishing a VPN Connection](https://docs.fedoraproject.org/en-US/Fedora/23/html/Networking_Guide/sec-Establishing_a_VPN_Connection.html)
The Qubes specific part is to choose the right VM for the VPN client:
@ -28,30 +28,28 @@ While the Network Manager is not started here (for a good reason), you can confi
### ProxyVM
**WARNING:** *Currently the NetworkManager is not working in ProxyVMs as expected. Actually it will mess up the routing table and because of that your packets may not be routed to the VPN tunnel. - This surely occurs if your VPN wants to be the default gateway.* ([#1052](https://github.com/QubesOS/qubes-issues/issues/1052))
**WARNING:** *You need to use Qubes 3.1-rc2 (or later)! In the previous releases the NetworkManager was not working in ProxyVMs as expected.* ([#1052](https://github.com/QubesOS/qubes-issues/issues/1052))
One of the best thing in Qubes that you can use a special type of VMs called ProxyVM (or FirewallVM). The special thing is that your AppVMs see this as a NetVM, and the NetVMs see it as an AppVM. Because of that You can place a ProxyVM between your AppVMs and Your NetVM. This is how the default firewall VM is working.
Using a ProxyVM to set up a VPN client gives you the ability to:
- Separate your VPN credentials from Your NetVM
- Separate your VPN credentials from Your AppVM data.
- Easily control which of your AppVMs are connected to your VPN by simply setting it as a NetVM of the desired AppVM.
**To setup a ProxyVM as a VPN gateway you should:**
1. Check (`rpm -q qubes-core-vm`) if you have the package **qubes-core-vm**
version **2.1.36** (or later).
2. Create a new VM and check the ProxyVM radio button.
1. Create a new VM and check the ProxyVM radio button.
![Create\_New\_VM.png](/attachment/wiki/VPN/Create_New_VM.png)
3. Add the `network-manager` service to this new VM.
2. Add the `network-manager` service to this new VM.
![Settings-services.png](/attachment/wiki/VPN/Settings-services.png)
4. Wet up your VPN as described in the Network Manager documentation linked above.
3. Wet up your VPN as described in the Network Manager documentation linked above.
5. Connect your AppVMs to use the new VM as a NetVM.
4. Connect your AppVMs to use the new VM as a NetVM.
![Settings-NetVM.png](/attachment/wiki/VPN/Settings-NetVM.png)