Git-Mirrors
/
qubes-doc
mirror of https://github.com/QubesOS/qubes-doc.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'vpn-troubleshooting' of https://github.com/PROTechThor/qubes-doc into PROTechThor-vpn-troubleshooting

This commit is contained in:
Andrew David Wong 2020-11-16 20:27:16 -08:00
parent 2e4513d72e cf04fba222
commit 6300d7ba07
No known key found for this signature in database
GPG Key ID: 8CE137352A019A17
3 changed files with 33 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
doc.md
View File

@ -131,6 +131,7 @@ Core documentation for Qubes users.
* [GUI Troubleshooting](/doc/gui-troubleshooting/)
* [Media Troubleshooting](/doc/media-troubleshooting/)
* [Firewall Troubleshooting](/doc/firewall/#firewall-troubleshooting)
* [VPN Troubleshooting](/doc/vpn-troubleshooting/)
### Reference Pages

4
external/configuration-guides/vpn.md vendored
View File

@ -318,6 +318,4 @@ If you want to update your TemplateVMs through the VPN, you can enable the `qube
Troubleshooting
---------------
* Always test your basic VPN connection before adding scripts.
* Test DNS: Ping a familiar domain name from an appVM. It should print the IP address for the domain.
* Use `iptables -L -v` and `iptables -L -v -t nat` to check firewall rules. The latter shows the critical PR-QBS chain that enables DNS forwarding.
See the [VPN Troubleshooting](/doc/vpn-troubleshooting/) guide for tips on how to fix common VPN issues.

31
user/troubleshooting/vpn-troubleshooting.md Normal file
View File

@ -0,0 +1,31 @@
---
layout: doc
title: VPN Troubleshooting
permalink: /doc/vpn-troubleshooting/
---
# VPN Troubleshooting Guide #
## Tips
* If using qubes-vpn, check the VPN service's log in the VPN VM by running:
~~~
sudo journalctl -u qubes-vpn-handler
~~~
* Always test your basic VPN connection before adding scripts.
* Test DNS: Ping a familiar domain name from an appVM. It should print the IP address for the domain.
* Use `iptables -L -v` and `iptables -L -v -t nat` to check firewall rules. The latter shows the critical PR-QBS chain that enables DNS forwarding.
## VPN does not reconnect after suspend
This applies when using OpenVPN.
After suspend/resume, OpenVPN may not automatically reconnect. In order to get it to work, you must kill the OpenVPN process and restart it.
## VPN stuck at "Ready to start link"
After setting up OpenVPN and restarting the VM, you may be repeatedly getting the popup "Ready to start link", but the VPN isn't connected.
To figure out the root of the problem, check the VPN logs in `/var/logs/syslog`. The log may reveal issues like missing OpenVPN libraries, which you can then install.