FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 08-20-2011, 09:33 AM
Manuel Escudero
 
Default Personal VPN on Fedora

Hi there:
I was wondering if is there something like Hotspot Shield or TunnelBear for Linux

or if not, How can I easily mount a VPN connection in Fedora?

Have been reading a lot, but it's quite difficult :S

OpenVPN is too difficult to Setup and Tor is not what I'm looking for.


Any advice?


--
Manuel EscuderoLinux User #509052
Twitter:*@Jmlevick
Blogger:*Blog*Xenode

PGP/GnuPG:*E2F5 12FA E1C3 FA58 CF15 *8481 B77B 00CA C1E1 0FA7Xenode Systems -*xenodesystems.com*-*"Conéctate a Tu Mundo"


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-20-2011, 09:38 AM
Reindl Harald
 
Default Personal VPN on Fedora

Am 20.08.2011 11:33, schrieb Manuel Escudero:
> Hi there:
>
> I was wondering if is there something like Hotspot Shield or TunnelBear for Linux
> or if not, How can I easily mount a VPN connection in Fedora?
>
> Have been reading a lot, but it's quite difficult :S
>
> OpenVPN is too difficult to Setup

what is there difficult?
you only need to generate the certs and a config like the follwoing
and for the client nearly 1:1 the same config and you start openvpn
on the client automatically as service

cat /etc/openvpn/openvpn.conf
# We are working as server
mode server
tls-server

# Which TCP/UDP port should OpenVPN listen on?
port 1194

# TCP or UDP server?
proto udp

# Protocol options
tun-mtu 1500
mssfix
key-method 2

# tun is an IP tunnel,
# tap an ethernet tunnel and used with bridges
dev tap0

# SSL/TLS root certificate (ca)
# certificate (cert), and private key (key).
# Each client and the server must have their own cert and key file.
# The server and all clients will use the same ca file.
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
tls-auth /etc/openvpn/ta.key 0

# Diffie hellman parameters.
dh /etc/openvpn/dh1024.pem

# auth method
auth SHA1

# encryption method
cipher AES-256-CBC

# TAP-Configuration
server-bridge 10.0.0.134 255.255.255.0 10.0.0.241 10.0.0.252

# Uncomment this directive to allow different
# clients to be able to "see" each other.
client-to-client

# Uncomment this directive if multiple clients
# might connect with the same certificate/key
# files or common names.
duplicate-cn

# The keepalive directive causes ping-like
# messages to be sent back and forth over
# the link so that each side knows when
# the other side has gone down.
keepalive 10 120

# Enable compression on the VPN link.
# If you enable it here, you must also
# enable it in the client config file.
comp-lzo

# The maximum number of concurrently connected
# clients we want to allow.
max-clients 20

# It's a good idea to reduce the OpenVPN
# daemon's privileges after initialization.
user nobody
group nobody

# The persist options will try to avoid
# accessing certain resources on restart
# that may no longer be accessible because
# of the privilege downgrade.
persist-key
persist-tun

# Logging and chroot
status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
chroot /var/log/openvpn

# 0 is silent, except for fatal errors
# 4 is reasonable for general usage
# 5 and 6 can help to debug connection problems
# 9 is extremely verbose
verb 3

# Silence repeating messages.
mute 20

# do not allow user-defined scripts
script-security 1
_____________

ok, a bridge service should also run on the server

cat /etc/init.d/openvpn-bridge
#!/bin/bash

# openvpn-bridge
# This shell script takes care of starting and stopping
# network-bridge on RedHat or other chkconfig-based system.
#
# chkconfig: - 23 76
#
# description:
# Start and stop ethernet-bridge for openvpn
# Requires package 'bridge-utils'

### BEGIN INIT INFO
# Provides: openvpn-bridge
# Required-Start: $network
# Required-Stop: $network
# Short-Description: start and stop openvpn-ethernet-bridge
# Description:
# This shell script takes care of starting and stopping
# network-bridge on RedHat or other chkconfig-based system.
### END INIT INFO

br="br0"
tap="tap0"
eth="eth1"
eth_ip="10.0.0.134"
eth_netmask="255.255.255.0"
eth_broadcast="10.0.0.255"
gw="10.0.0.1"

start_bridge () {
for t in $tap; do
openvpn --mktun --dev $t
done

for t in $tap; do
ifconfig $t 0.0.0.0 promisc up
done

ifconfig $eth 0.0.0.0 promisc up

brctl addbr $br
brctl addif $br $eth

for t in $tap; do
brctl addif $br $t
done

ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast up
# route add default gw $gw $br
}



stop_bridge () {
ifconfig $br down
brctl delbr $br
for t in $tap; do
openvpn --rmtun --dev $t
done

ifconfig $eth $eth_ip netmask $eth_netmask broadcast $eth_broadcast up
# route add default gw $gw $eth
}



case "$1" in
start)
echo -n "Starting Bridge"
start_bridge
;;
stop)
echo -n "Stopping Bridge"
stop_bridge
;;
restart)
stop_bridge
sleep 2
start_bridge
;;
*)
echo "Usage: $0 {start|stop|restart}" >&2
exit 1
;;
esac

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-22-2011, 08:03 AM
Roberto Ragusa
 
Default Personal VPN on Fedora

On 08/20/2011 11:38 AM, Reindl Harald wrote:
>
>
> Am 20.08.2011 11:33, schrieb Manuel Escudero:
>> Hi there:
>>
>> I was wondering if is there something like Hotspot Shield or TunnelBear for Linux
>> or if not, How can I easily mount a VPN connection in Fedora?
>>
>> Have been reading a lot, but it's quite difficult :S
>>
>> OpenVPN is too difficult to Setup
>
> what is there difficult?
> you only need to generate the certs and a config like the follwoing
> and for the client nearly 1:1 the same config and you start openvpn
> on the client automatically as service

Or you can avoid the certs and do a simple preshared key configuration,
which is simpler.

--
Roberto Ragusa mail at robertoragusa.it
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-22-2011, 09:04 AM
admin lewis
 
Default Personal VPN on Fedora

2011/8/20 Manuel Escudero <Jmlevick@gmail.com>:
> Hi there:
>
> I was wondering if is there something like Hotspot Shield or TunnelBear for
> Linux
> or if not, How can I easily mount a VPN connection in Fedora?
> Have been reading a lot, but it's quite difficult :S
> OpenVPN is too difficult to Setup and Tor is not what I'm looking for.
> Any advice?

Try to download/install some gui for openvpn

openvpn-admin.noarch : OpenVPN-Admin is a multiplatform GUI for OpenVPN.
stonevpn.noarch : Easy OpenVPN certificate and configuration management

to install (from root):
# yum install openvpn-admin

then configure openvpn from gui.. anyway openvpn is the easiest way to
connect a vpn..
dont forget u can connect to a vpn by the NetworkManager too
cheers
lewis




--
my blog - http://predellino.blogspot.com/
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-23-2011, 08:04 AM
Manuel Escudero
 
Default Personal VPN on Fedora

2011/8/22 admin lewis <adminlewis@gmail.com>


2011/8/20 Manuel Escudero <Jmlevick@gmail.com>:

> Hi there:

>

> I was wondering if is there something like Hotspot Shield or TunnelBear for

> Linux

> or if not, How can I easily mount a VPN connection in Fedora?

> Have been reading a lot, but it's quite difficult :S

> OpenVPN is too difficult to Setup and Tor is not what I'm looking for.

> Any advice?



Try to download/install some gui for openvpn



openvpn-admin.noarch : OpenVPN-Admin is a multiplatform GUI for OpenVPN.

stonevpn.noarch : Easy OpenVPN certificate and configuration management



to install (from root):

# yum install openvpn-admin



then configure openvpn from gui.. anyway openvpn is the easiest way to

connect a vpn..

dont forget u can connect to a vpn by the NetworkManager too

cheers

lewis









--

my blog - http://predellino.blogspot.com/

--

users mailing list

users@lists.fedoraproject.org

To unsubscribe or change subscription options:

https://admin.fedoraproject.org/mailman/listinfo/users

Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


VPN Mounting on fedora is a little painful... Using any method.At the end I found what I needed but it just seem to work in Ubuntuand not in Fedora. However, As I'm going to recieve some "Acer Aspire

Revo" PC's (one for personal use) to transform them into different kindsof Linux Servers, I decided that Mounting an OpenVPN installation "for once in a lifetime"in order to use it whenever it is needed is worth the time it requires,*


Thanks!

--
Manuel EscuderoLinux User #509052
Twitter:*@Jmlevick
Blogger:*Blog*Xenode

PGP/GnuPG:*E2F5 12FA E1C3 FA58 CF15 *8481 B77B 00CA C1E1 0FA7Xenode Systems -*xenodesystems.com*-*"Conéctate a Tu Mundo"


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-24-2011, 02:51 AM
Manuel Escudero
 
Default Personal VPN on Fedora

2011/8/23 Manuel Escudero <Jmlevick@gmail.com>





2011/8/22 admin lewis <adminlewis@gmail.com>




2011/8/20 Manuel Escudero <Jmlevick@gmail.com>:

> Hi there:

>

> I was wondering if is there something like Hotspot Shield or TunnelBear for

> Linux

> or if not, How can I easily mount a VPN connection in Fedora?

> Have been reading a lot, but it's quite difficult :S

> OpenVPN is too difficult to Setup and Tor is not what I'm looking for.

> Any advice?



Try to download/install some gui for openvpn



openvpn-admin.noarch : OpenVPN-Admin is a multiplatform GUI for OpenVPN.

stonevpn.noarch : Easy OpenVPN certificate and configuration management



to install (from root):

# yum install openvpn-admin



then configure openvpn from gui.. anyway openvpn is the easiest way to

connect a vpn..

dont forget u can connect to a vpn by the NetworkManager too

cheers

lewis









--

my blog - http://predellino.blogspot.com/

--

users mailing list

users@lists.fedoraproject.org

To unsubscribe or change subscription options:

https://admin.fedoraproject.org/mailman/listinfo/users

Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


VPN Mounting on fedora is a little painful... Using any method.At the end I found what I needed but it just seem to work in Ubuntuand not in Fedora. However, As I'm going to recieve some "Acer Aspire



Revo" PC's (one for personal use) to transform them into different kindsof Linux Servers, I decided that Mounting an OpenVPN installation "for once in a lifetime"in order to use it whenever it is needed is worth the time it requires,*




Thanks!

--
Manuel EscuderoLinux User #509052
Twitter:*@Jmlevick
Blogger:*Blog*Xenode



PGP/GnuPG:*E2F5 12FA E1C3 FA58 CF15 *8481 B77B 00CA C1E1 0FA7Xenode Systems -*xenodesystems.com*-*"Conéctate a Tu Mundo"




UPDATE on this issue:
With "At the end I found what I needed" I was refering to"Hostizzle"


wich is a service that provide you with free OpenVPN certificates andconfiguration files, installing OpenVPN package from repos & the lastest Kvpnc on the machine (built from


source this one) I was able to connect to an external hosted VPN just like with HotspotShield or TunnelBear using the package that "Hostizzle" provide to you...



Hostizzle Provide you with 100GB of monthly VPN bandwidth, an USA IP adress,
connection encryption with blowfish SSL/TLS of 1024 Bits and other interesting stuff.


The thing worked at the end in Fedora too, just had to use the lastest version of
OpenVPN Client "Kvpnc" and disable SELinux; (Set it to permissive mode,
after using the VPN I switch to enforcing always). The Point is, If it works on Fedora
and Ubuntu, I bet this solution can work in any distro.



Hope this helps someone out there.


P.S. More info, the tutorial and even a video of my "investigation" are in here:



http://xenodesystems.blogspot.com/2011/08/al-fin-hotspot-shieldtunnelbear-en.html

(in spanish) go there if you want to know more



C'ya!

--
Manuel EscuderoLinux User #509052

Twitter:*@Jmlevick
Blogger:*Blog*XenodePGP/GnuPG:*E2F5 12FA E1C3 FA58 CF15 *8481 B77B 00CA C1E1 0FA7


Xenode Systems -*xenodesystems.com*-*"Conéctate a Tu Mundo"


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-24-2011, 09:31 AM
Timothy Murphy
 
Default Personal VPN on Fedora

Manuel Escudero wrote:

> OpenVPN is too difficult to Setup and Tor is not what I'm looking for.

I'm puzzled by this thread.
It doesn't seem to me to be too difficult to set up an OpenVPN server,
following the instructions in /usr/share/openvpn/easy-rsa/2.0/ .

Or are you all trying to do something else?


--
Timothy Murphy
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-24-2011, 12:47 PM
Daniel J Walsh
 
Default Personal VPN on Fedora

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/23/2011 10:51 PM, Manuel Escudero wrote:
>
>
> 2011/8/23 Manuel Escudero <Jmlevick@gmail.com
> <mailto:Jmlevick@gmail.com>>
>
>
>
> 2011/8/22 admin lewis <adminlewis@gmail.com
> <mailto:adminlewis@gmail.com>>
>
> 2011/8/20 Manuel Escudero <Jmlevick@gmail.com
> <mailto:Jmlevick@gmail.com>>:
>> Hi there:
>>
>> I was wondering if is there something like Hotspot Shield or
> TunnelBear for
>> Linux or if not, How can I easily mount a VPN connection in
>> Fedora? Have been reading a lot, but it's quite difficult :S
>> OpenVPN is too difficult to Setup and Tor is not what I'm
> looking for.
>> Any advice?
>
> Try to download/install some gui for openvpn
>
> openvpn-admin.noarch : OpenVPN-Admin is a multiplatform GUI for
> OpenVPN. stonevpn.noarch : Easy OpenVPN certificate and
> configuration management
>
> to install (from root): # yum install openvpn-admin
>
> then configure openvpn from gui.. anyway openvpn is the easiest way
> to connect a vpn.. dont forget u can connect to a vpn by the
> NetworkManager too cheers lewis
>
>
>
>
> -- my blog - http://predellino.blogspot.com/ -- users mailing list
> users@lists.fedoraproject.org
> <mailto:users@lists.fedoraproject.org> To unsubscribe or change
> subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users Guidelines:
> http://fedoraproject.org/wiki/Mailing_list_guidelines
>
>
> VPN Mounting on fedora is a little painful... Using any method. At
> the end I found what I needed but it just seem to work in Ubuntu
> and not in Fedora. However, As I'm going to recieve some "Acer
> Aspire Revo" PC's (one for personal use) to transform them into
> different kinds of Linux Servers, I decided that Mounting an
> OpenVPN installation "for once in a lifetime" in order to use it
> whenever it is needed is worth the time it requires,
>
> Thanks!
>
>
> -- Manuel Escudero Linux User #509052 Twitter: @Jmlevick
> <http://twitter.com/Jmlevick> Blogger: Blog Xenode
> <http://xenodesystems.blogspot.com/> PGP/GnuPG: E2F5 12FA E1C3 FA58
> CF15 8481 B77B 00CA C1E1 0FA7 Xenode Systems - xenodesystems.com
> <http://www.xenodesystems.com/> - "Conéctate a Tu Mundo"
>
>
>
> UPDATE on this issue:
>
> With "At the end I found what I needed" I was refering
> to"Hostizzle" wich is a service that provide you with free OpenVPN
> certificates and configuration files, installing OpenVPN package
> from repos & the lastest Kvpnc on the machine (built from source
> this one) I was able to connect to an external hosted VPN just like
> with Hotspot Shield or TunnelBear using the package that
> "Hostizzle" provide to you...
>
> Hostizzle Provide you with 100GB of monthly VPN bandwidth, an USA
> IP adress, connection encryption with blowfish SSL/TLS of 1024 Bits
> and other interesting stuff.
>
> The thing worked at the end in Fedora too, just had to use the
> lastest version of OpenVPN Client "Kvpnc" and disable SELinux; (Set
> it to permissive mode, after using the VPN I switch to enforcing
> always). The Point is, If it works on Fedora and Ubuntu, I bet this
> solution can work in any distro.
>

Your SELinux problems are most likely with the cert files being
mislabeled. If you put the certs in ~/.pki or ~/.cert, and run
restorecon on the file everything should work.


> Hope this helps someone out there.
>
>
> P.S. More info, the tutorial and even a video of my "investigation"
> are in here:
>
> http://xenodesystems.blogspot.com/2011/08/al-fin-hotspot-shieldtunnelbear-en.html
>
> (in spanish) go there if you want to know more
>
> C'ya!
>
> -- Manuel Escudero Linux User #509052 Twitter: @Jmlevick
> <http://twitter.com/Jmlevick> Blogger: Blog Xenode
> <http://xenodesystems.blogspot.com/> PGP/GnuPG: E2F5 12FA E1C3 FA58
> CF15 8481 B77B 00CA C1E1 0FA7 Xenode Systems - xenodesystems.com
> <http://www.xenodesystems.com/> - "Conéctate a Tu Mundo"
>
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk5U8vcACgkQrlYvE4MpobOYmgCfbrBZd+YJ5k ofMcFii09Z61fT
Wv8AoKI2y0BKbYR4aQc2P8S4rPZXMw0r
=uZFQ
-----END PGP SIGNATURE-----
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-24-2011, 12:57 PM
Manuel Escudero
 
Default Personal VPN on Fedora

2011/8/24 Timothy Murphy <gayleard@eircom.net>


Manuel Escudero wrote:



> OpenVPN is too difficult to Setup and Tor is not what I'm looking for.



I'm puzzled by this thread.

It doesn't seem to me to be too difficult to set up an OpenVPN server,

following the instructions in /usr/share/openvpn/easy-rsa/2.0/ .



Or are you all trying to do something else?





--

Timothy Murphy

e-mail: gayleard /at/ eircom.net

tel: +353-86-2336090, +353-1-2842366

s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland



--

users mailing list

users@lists.fedoraproject.org

To unsubscribe or change subscription options:

https://admin.fedoraproject.org/mailman/listinfo/users

Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


The idea was to get an easy solution to mount a personal VPNin Linux using an external "pre-arranged" solution such as thoseyou might use on windows or mac, (HotspotShield/TunnelBear).


See, Win/Mac users don't mount their own VPN servers when theywanna use VPN because of those apps, I found a solution likethat but for Linux, and that was what I was looking for in the first place.


--
Manuel EscuderoLinux User #509052
Twitter:*@Jmlevick
Blogger:*Blog*Xenode

PGP/GnuPG:*E2F5 12FA E1C3 FA58 CF15 *8481 B77B 00CA C1E1 0FA7Xenode Systems -*xenodesystems.com*-*"Conéctate a Tu Mundo"


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 08-24-2011, 03:17 PM
Timothy Murphy
 
Default Personal VPN on Fedora

Manuel Escudero wrote:

>> I'm puzzled by this thread.
>> It doesn't seem to me to be too difficult to set up an OpenVPN server,
>> following the instructions in /usr/share/openvpn/easy-rsa/2.0/ .
>>
>> Or are you all trying to do something else?

> The idea was to get an easy solution to mount a personal VPN
> in Linux using an external "pre-arranged" solution such as those
> you might use on windows or mac, (HotspotShield/TunnelBear).

I'm still puzzled, almost certainly due to my ignorance.
What exactly is a "personal VPN"?
Is OpenVPN a "personal VPN"?

As far as I can see, Hotspot Shield and Tunnel Bear
are both running VPN servers, on a free/commercial basis,
and if you subscribe to them you can run a VPN client
which communicates with or through them.
Or have I got that wrong?

> See, Win/Mac users don't mount their own VPN servers when they
> wanna use VPN because of those apps, I found a solution like
> that but for Linux, and that was what I was looking for in the first
> place.

It's not really clear to me what this has to do with Linux or Windows.
In fact, from a very quick glance at their bumpf,
it seemed to me that Hotspot Shield probably is running a Linux VPN server.

But I admit I'm far from expert on VPN.


--
Timothy Murphy
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 12:09 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org