vpn
-
I want to set up OpenVPN on Ubuntu Touch, but my VPN only supports the AES-256-GCM cipher and the OpenVPN setting in Ubuntu Touch only supports AES-256-CBC. Is it possible to add AES-256-GCM support?
I tried to follow this guide: https://ubports.com/blog/ubports-news-1/vpn-on-ubuntu-touch-3022, but when I download the OpenVPN config it only contains the CA certificate and TLS cert—not the four certificates mentioned in the guide.
-
@Privacy-freedom
If you want the server on UT, I don't know.
To connect to a domestic openvpn server:I made it working by exporting a config file from a pc and import in networkmanager client
I use pihole with openvpnsudo nmcli connection import type openvpn file /home/phablet/Documents/phd.nmconnection
on pihole
sudo iptables -t nat -A POSTROUTING -s 10.23.18.0/24 ! -d 10.23.18.0/24 -j SNAT --to 192.168.129.36 -
I use WireGuard on a Raspberry Pi behind the router. It works perfectly.
-
@Linus67 I run wireguard on my openwrt router so when I'm at home I run VPN 24/7 but when I'm outside my house and I'm on 4g/5g I want a VPN
-
@Vlad-Nirky might have to give this a try
but my router runs openwrt with wireguard -
@Privacy-freedom perfect, for this workaround in the link do you need only a wg0.conf file.
-
@Linus67 I used this workaround before i imported it using nmcli but I noticed you can't use dns blocklists in the configs,
on my openwrt router I use addguard home and if I use an wireguard config with the import wouraround on Ububtu touch my DNS quarry's is visible in addguard home, even tho an DNS leak test on Ubuntu touch shows no leeks as if the DNS quereys Is visbale on the router outside the VPN,
But if i use an WG config on Ubuntu touch with no addblocks the querrys are hidden and not vissibale on router
I did this by downloading an WG config from mullvads config generator
-
@Privacy-freedom
In wg0.conf, I’ve only entered the Raspberry Pi’s IP address with Pi-hole as the DNS server.
I’ve disabled IPv6 in OpenWrt. So all traffic always goes through Pi-hole. It works perfekt for me. -
@Linus67 i have only used this workaround with normal wg configs
but wired that it leaks dns equerry in plain text to router if dns blocklists are enabled in config on ubuntu touch but no leak if non filters are selected based on my testing
my dns on leak test sites in Ubuntu touch even only shows vpn dns yet somehow the equerry are sent in plain text to router -
@Privacy-freedom
I haven’t looked into DNS blocklists on Ubuntu Touch yet. Where are these configured on UT? -
@Linus67 just in the wireguard config
when you download an config from mullvad you have the option to select blocklists
i assume most vpns have the same option when dowloading wg configs -
@Privacy-freedom
OK, you’ve downloaded a .conf files.I’ve installed WireGuard in Docker on the Raspberry Pi with Pi-hole.
You have to write the .conf file yourself. I’ve created three .conf files: full, split and tolerant.
full.conf = DNS only via Pi-hole. -
@will try this pi hole is easy to install on openwrt
downlwding conf files from mullvad seems to work aslong as no blacklists are selected
will try to find an way to verify that the encryption works
is this method only meant for pi hole and coustom configs did not see that mentioned in the guide
-
@Privacy-freedom
You need to gain a bit more experience to create a .conf file properly and ensure it works as intended.
Don’t forget to make copies of your working settings. AI can also be helpful.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login