Personal VPN on Fedora

classic Classic list List threaded Threaded
14 messages Options
Reply | Threaded
Open this post in threaded view
|

Personal VPN on Fedora

Manuel Escudero
Hi there:

I was wondering if is there something like Hotspot Shield or TunnelBear for Linux
or if not, How can I easily mount a VPN connection in Fedora?

Have been reading a lot, but it's quite difficult :S

OpenVPN is too difficult to Setup and Tor is not what I'm looking for.

Any advice?

--
Manuel Escudero
Linux User #509052
Twitter: @Jmlevick
Blogger: Blog Xenode
PGP/GnuPG: E2F5 12FA E1C3 FA58 CF15  8481 B77B 00CA C1E1 0FA7
Xenode Systems - xenodesystems.com - "Conéctate a Tu Mundo"

--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Reply | Threaded
Open this post in threaded view
|

Re: Personal VPN on Fedora

Reindl Harald-2


Am 20.08.2011 11:33, schrieb Manuel Escudero:
> Hi there:
>
> I was wondering if is there something like Hotspot Shield or TunnelBear for Linux
> or if not, How can I easily mount a VPN connection in Fedora?
>
> Have been reading a lot, but it's quite difficult :S
>
> OpenVPN is too difficult to Setup

what is there difficult?
you only need to generate the certs and a config like the follwoing
and for the client nearly 1:1 the same config and you start openvpn
on the client automatically as service

cat /etc/openvpn/openvpn.conf
# We are working as server
mode server
tls-server

# Which TCP/UDP port should OpenVPN listen on?
port 1194

# TCP or UDP server?
proto udp

# Protocol options
tun-mtu 1500
mssfix
key-method 2

# tun is an IP tunnel,
# tap an ethernet tunnel and used with bridges
dev tap0

# SSL/TLS root certificate (ca)
# certificate (cert), and private key (key).
# Each client and the server must have their own cert and key file.
# The server and all clients will use the same ca file.
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
tls-auth /etc/openvpn/ta.key 0

# Diffie hellman parameters.
dh /etc/openvpn/dh1024.pem

# auth method
auth SHA1

# encryption method
cipher AES-256-CBC

# TAP-Configuration
server-bridge 10.0.0.134 255.255.255.0 10.0.0.241 10.0.0.252

# Uncomment this directive to allow different
# clients to be able to "see" each other.
client-to-client

# Uncomment this directive if multiple clients
# might connect with the same certificate/key
# files or common names.
duplicate-cn

# The keepalive directive causes ping-like
# messages to be sent back and forth over
# the link so that each side knows when
# the other side has gone down.
keepalive 10 120

# Enable compression on the VPN link.
# If you enable it here, you must also
# enable it in the client config file.
comp-lzo

# The maximum number of concurrently connected
# clients we want to allow.
max-clients 20

# It's a good idea to reduce the OpenVPN
# daemon's privileges after initialization.
user nobody
group nobody

# The persist options will try to avoid
# accessing certain resources on restart
# that may no longer be accessible because
# of the privilege downgrade.
persist-key
persist-tun

# Logging and chroot
status /var/log/openvpn/openvpn-status.log
log  /var/log/openvpn/openvpn.log
chroot /var/log/openvpn

# 0 is silent, except for fatal errors
# 4 is reasonable for general usage
# 5 and 6 can help to debug connection problems
# 9 is extremely verbose
verb 3

# Silence repeating messages.
mute 20

# do not allow user-defined scripts
script-security 1
_____________

ok, a bridge service should also run on the server

cat /etc/init.d/openvpn-bridge
#!/bin/bash

# openvpn-bridge
# This shell script takes care of starting and stopping
# network-bridge on RedHat or other chkconfig-based system.
#
# chkconfig: - 23 76
#
# description:
# Start and stop ethernet-bridge for openvpn
# Requires package 'bridge-utils'

### BEGIN INIT INFO
# Provides: openvpn-bridge
# Required-Start: $network
# Required-Stop: $network
# Short-Description: start and stop openvpn-ethernet-bridge
# Description:
# This shell script takes care of starting and stopping
# network-bridge on RedHat or other chkconfig-based system.
### END INIT INFO

br="br0"
tap="tap0"
eth="eth1"
eth_ip="10.0.0.134"
eth_netmask="255.255.255.0"
eth_broadcast="10.0.0.255"
gw="10.0.0.1"

start_bridge () {
 for t in $tap; do
  openvpn --mktun --dev $t
 done

 for t in $tap; do
  ifconfig $t 0.0.0.0 promisc up
 done

 ifconfig $eth 0.0.0.0 promisc up

 brctl addbr $br
 brctl addif $br $eth

 for t in $tap; do
  brctl addif $br $t
 done

 ifconfig $br $eth_ip netmask $eth_netmask broadcast $eth_broadcast up
 # route add default gw $gw $br
}



stop_bridge () {
 ifconfig $br down
 brctl delbr $br
 for t in $tap; do
  openvpn --rmtun --dev $t
 done

 ifconfig $eth $eth_ip netmask $eth_netmask broadcast $eth_broadcast up
 # route add default gw $gw $eth
}



case "$1" in
 start)
   echo -n "Starting Bridge"
   start_bridge
   ;;
 stop)
   echo -n "Stopping Bridge"
   stop_bridge
   ;;
 restart)
   stop_bridge
   sleep 2
   start_bridge
   ;;
 *)
   echo "Usage: $0 {start|stop|restart}" >&2
   exit 1
   ;;
esac


--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

signature.asc (270 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Personal VPN on Fedora

Roberto Ragusa
On 08/20/2011 11:38 AM, Reindl Harald wrote:

>
>
> Am 20.08.2011 11:33, schrieb Manuel Escudero:
>> Hi there:
>>
>> I was wondering if is there something like Hotspot Shield or TunnelBear for Linux
>> or if not, How can I easily mount a VPN connection in Fedora?
>>
>> Have been reading a lot, but it's quite difficult :S
>>
>> OpenVPN is too difficult to Setup
>
> what is there difficult?
> you only need to generate the certs and a config like the follwoing
> and for the client nearly 1:1 the same config and you start openvpn
> on the client automatically as service

Or you can avoid the certs and do a simple preshared key configuration,
which is simpler.

--
   Roberto Ragusa    mail at robertoragusa.it
--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Reply | Threaded
Open this post in threaded view
|

Re: Personal VPN on Fedora

admin lewis
In reply to this post by Manuel Escudero
2011/8/20 Manuel Escudero <[hidden email]>:
> Hi there:
>
> I was wondering if is there something like Hotspot Shield or TunnelBear for
> Linux
> or if not, How can I easily mount a VPN connection in Fedora?
> Have been reading a lot, but it's quite difficult :S
> OpenVPN is too difficult to Setup and Tor is not what I'm looking for.
> Any advice?

Try to download/install some gui for openvpn

openvpn-admin.noarch : OpenVPN-Admin is a multiplatform GUI for OpenVPN.
stonevpn.noarch : Easy OpenVPN certificate and configuration management

to install (from root):
# yum install openvpn-admin

then configure openvpn from gui.. anyway openvpn is the easiest way to
connect a vpn..
dont forget u can connect to a vpn by the NetworkManager too
cheers
lewis




--
my blog - http://predellino.blogspot.com/
--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Reply | Threaded
Open this post in threaded view
|

Re: Personal VPN on Fedora

Manuel Escudero


2011/8/22 admin lewis <[hidden email]>
2011/8/20 Manuel Escudero <[hidden email]>:
> Hi there:
>
> I was wondering if is there something like Hotspot Shield or TunnelBear for
> Linux
> or if not, How can I easily mount a VPN connection in Fedora?
> Have been reading a lot, but it's quite difficult :S
> OpenVPN is too difficult to Setup and Tor is not what I'm looking for.
> Any advice?

Try to download/install some gui for openvpn

openvpn-admin.noarch : OpenVPN-Admin is a multiplatform GUI for OpenVPN.
stonevpn.noarch : Easy OpenVPN certificate and configuration management

to install (from root):
# yum install openvpn-admin

then configure openvpn from gui.. anyway openvpn is the easiest way to
connect a vpn..
dont forget u can connect to a vpn by the NetworkManager too
cheers
lewis




--
my blog - http://predellino.blogspot.com/
--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

VPN Mounting on fedora is a little painful... Using any method.
At the end I found what I needed but it just seem to work in Ubuntu
and not in Fedora. However, As I'm going to recieve some "Acer Aspire
Revo" PC's (one for personal use) to transform them into different kinds
of Linux Servers, I decided that Mounting an OpenVPN installation "for once in a lifetime"
in order to use it whenever it is needed is worth the time it requires, 

Thanks!

--
Manuel Escudero
Linux User #509052
Twitter: @Jmlevick
Blogger: Blog Xenode
PGP/GnuPG: E2F5 12FA E1C3 FA58 CF15  8481 B77B 00CA C1E1 0FA7
Xenode Systems - xenodesystems.com - "Conéctate a Tu Mundo"

--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Reply | Threaded
Open this post in threaded view
|

Re: Personal VPN on Fedora

Manuel Escudero


2011/8/23 Manuel Escudero <[hidden email]>


2011/8/22 admin lewis <[hidden email]>
2011/8/20 Manuel Escudero <[hidden email]>:
> Hi there:
>
> I was wondering if is there something like Hotspot Shield or TunnelBear for
> Linux
> or if not, How can I easily mount a VPN connection in Fedora?
> Have been reading a lot, but it's quite difficult :S
> OpenVPN is too difficult to Setup and Tor is not what I'm looking for.
> Any advice?

Try to download/install some gui for openvpn

openvpn-admin.noarch : OpenVPN-Admin is a multiplatform GUI for OpenVPN.
stonevpn.noarch : Easy OpenVPN certificate and configuration management

to install (from root):
# yum install openvpn-admin

then configure openvpn from gui.. anyway openvpn is the easiest way to
connect a vpn..
dont forget u can connect to a vpn by the NetworkManager too
cheers
lewis




--
my blog - http://predellino.blogspot.com/
--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

VPN Mounting on fedora is a little painful... Using any method.
At the end I found what I needed but it just seem to work in Ubuntu
and not in Fedora. However, As I'm going to recieve some "Acer Aspire
Revo" PC's (one for personal use) to transform them into different kinds
of Linux Servers, I decided that Mounting an OpenVPN installation "for once in a lifetime"
in order to use it whenever it is needed is worth the time it requires, 

Thanks!


--
Manuel Escudero
Linux User #509052
Twitter: @Jmlevick
Blogger: Blog Xenode
PGP/GnuPG: E2F5 12FA E1C3 FA58 CF15  8481 B77B 00CA C1E1 0FA7
Xenode Systems - xenodesystems.com - "Conéctate a Tu Mundo"


UPDATE on this issue:

With "At the end I found what I needed" I was refering to"Hostizzle"
wich is a service that provide you with free OpenVPN certificates and
configuration files, installing OpenVPN package from repos & the lastest Kvpnc on the machine (built from
source this one) I was able to connect to an external hosted VPN just like with Hotspot
Shield or TunnelBear using the package that "Hostizzle" provide to you...

Hostizzle Provide you with 100GB of monthly VPN bandwidth, an USA IP adress,
connection encryption with blowfish SSL/TLS of 1024 Bits and other interesting stuff.

The thing worked at the end in Fedora too, just had to use the lastest version of
OpenVPN Client "Kvpnc" and disable SELinux; (Set it to permissive mode,
after using the VPN I switch to enforcing always). The Point is, If it works on Fedora
and Ubuntu, I bet this solution can work in any distro.

Hope this helps someone out there.


P.S. More info, the tutorial and even a video of my "investigation" are in here:

http://xenodesystems.blogspot.com/2011/08/al-fin-hotspot-shieldtunnelbear-en.html

(in spanish) go there if you want to know more ;)

C'ya!

--
Manuel Escudero
Linux User #509052
Twitter: @Jmlevick
Blogger: Blog Xenode
PGP/GnuPG: E2F5 12FA E1C3 FA58 CF15  8481 B77B 00CA C1E1 0FA7
Xenode Systems - xenodesystems.com - "Conéctate a Tu Mundo"

--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Reply | Threaded
Open this post in threaded view
|

Re: Personal VPN on Fedora

Timothy Murphy-5
In reply to this post by Manuel Escudero
Manuel Escudero wrote:

> OpenVPN is too difficult to Setup and Tor is not what I'm looking for.

I'm puzzled by this thread.
It doesn't seem to me to be too difficult to set up an OpenVPN server,
following the instructions in /usr/share/openvpn/easy-rsa/2.0/ .

Or are you all trying to do something else?


--
Timothy Murphy  
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland

--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Reply | Threaded
Open this post in threaded view
|

Re: Personal VPN on Fedora

Daniel J Walsh
In reply to this post by Manuel Escudero
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/23/2011 10:51 PM, Manuel Escudero wrote:

>
>
> 2011/8/23 Manuel Escudero <[hidden email]
> <mailto:[hidden email]>>
>
>
>
> 2011/8/22 admin lewis <[hidden email]
> <mailto:[hidden email]>>
>
> 2011/8/20 Manuel Escudero <[hidden email]
> <mailto:[hidden email]>>:
>> Hi there:
>>
>> I was wondering if is there something like Hotspot Shield or
> TunnelBear for
>> Linux or if not, How can I easily mount a VPN connection in
>> Fedora? Have been reading a lot, but it's quite difficult :S
>> OpenVPN is too difficult to Setup and Tor is not what I'm
> looking for.
>> Any advice?
>
> Try to download/install some gui for openvpn
>
> openvpn-admin.noarch : OpenVPN-Admin is a multiplatform GUI for
> OpenVPN. stonevpn.noarch : Easy OpenVPN certificate and
> configuration management
>
> to install (from root): # yum install openvpn-admin
>
> then configure openvpn from gui.. anyway openvpn is the easiest way
> to connect a vpn.. dont forget u can connect to a vpn by the
> NetworkManager too cheers lewis
>
>
>
>
> -- my blog - http://predellino.blogspot.com/ -- users mailing list
> [hidden email]
> <mailto:[hidden email]> To unsubscribe or change
> subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users Guidelines:
> http://fedoraproject.org/wiki/Mailing_list_guidelines
>
>
> VPN Mounting on fedora is a little painful... Using any method. At
> the end I found what I needed but it just seem to work in Ubuntu
> and not in Fedora. However, As I'm going to recieve some "Acer
> Aspire Revo" PC's (one for personal use) to transform them into
> different kinds of Linux Servers, I decided that Mounting an
> OpenVPN installation "for once in a lifetime" in order to use it
> whenever it is needed is worth the time it requires,
>
> Thanks!
>
>
> -- Manuel Escudero Linux User #509052 Twitter: @Jmlevick
> <http://twitter.com/Jmlevick> Blogger: Blog Xenode
> <http://xenodesystems.blogspot.com/> PGP/GnuPG: E2F5 12FA E1C3 FA58
> CF15  8481 B77B 00CA C1E1 0FA7 Xenode Systems - xenodesystems.com
> <http://www.xenodesystems.com/> - "Conéctate a Tu Mundo"
>
>
>
> UPDATE on this issue:
>
> With "At the end I found what I needed" I was refering
> to"Hostizzle" wich is a service that provide you with free OpenVPN
> certificates and configuration files, installing OpenVPN package
> from repos & the lastest Kvpnc on the machine (built from source
> this one) I was able to connect to an external hosted VPN just like
> with Hotspot Shield or TunnelBear using the package that
> "Hostizzle" provide to you...
>
> Hostizzle Provide you with 100GB of monthly VPN bandwidth, an USA
> IP adress, connection encryption with blowfish SSL/TLS of 1024 Bits
> and other interesting stuff.
>
> The thing worked at the end in Fedora too, just had to use the
> lastest version of OpenVPN Client "Kvpnc" and disable SELinux; (Set
> it to permissive mode, after using the VPN I switch to enforcing
> always). The Point is, If it works on Fedora and Ubuntu, I bet this
> solution can work in any distro.
>

Your SELinux problems are most likely with the cert files being
mislabeled.  If you put the certs in ~/.pki or ~/.cert, and run
restorecon on the file everything should work.


> Hope this helps someone out there.
>
>
> P.S. More info, the tutorial and even a video of my "investigation"
> are in here:
>
> http://xenodesystems.blogspot.com/2011/08/al-fin-hotspot-shieldtunnelbear-en.html
>
>  (in spanish) go there if you want to know more ;)
>
> C'ya!
>
> -- Manuel Escudero Linux User #509052 Twitter: @Jmlevick
> <http://twitter.com/Jmlevick> Blogger: Blog Xenode
> <http://xenodesystems.blogspot.com/> PGP/GnuPG: E2F5 12FA E1C3 FA58
> CF15  8481 B77B 00CA C1E1 0FA7 Xenode Systems - xenodesystems.com
> <http://www.xenodesystems.com/> - "Conéctate a Tu Mundo"
>
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk5U8vcACgkQrlYvE4MpobOYmgCfbrBZd+YJ5kofMcFii09Z61fT
Wv8AoKI2y0BKbYR4aQc2P8S4rPZXMw0r
=uZFQ
-----END PGP SIGNATURE-----
--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Reply | Threaded
Open this post in threaded view
|

Re: Personal VPN on Fedora

Manuel Escudero
In reply to this post by Timothy Murphy-5


2011/8/24 Timothy Murphy <[hidden email]>
Manuel Escudero wrote:

> OpenVPN is too difficult to Setup and Tor is not what I'm looking for.

I'm puzzled by this thread.
It doesn't seem to me to be too difficult to set up an OpenVPN server,
following the instructions in /usr/share/openvpn/easy-rsa/2.0/ .

Or are you all trying to do something else?


--
Timothy Murphy
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland

--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

The idea was to get an easy solution to mount a personal VPN
in Linux using an external "pre-arranged" solution such as those
you might use on windows or mac, (HotspotShield/TunnelBear).

See, Win/Mac users don't mount their own VPN servers when they
wanna use VPN because of those apps, I found a solution like
that but for Linux, and that was what I was looking for in the first place.

--
Manuel Escudero
Linux User #509052
Twitter: @Jmlevick
Blogger: Blog Xenode
PGP/GnuPG: E2F5 12FA E1C3 FA58 CF15  8481 B77B 00CA C1E1 0FA7
Xenode Systems - xenodesystems.com - "Conéctate a Tu Mundo"

--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Reply | Threaded
Open this post in threaded view
|

Re: Personal VPN on Fedora

Timothy Murphy-5
Manuel Escudero wrote:

>> I'm puzzled by this thread.
>> It doesn't seem to me to be too difficult to set up an OpenVPN server,
>> following the instructions in /usr/share/openvpn/easy-rsa/2.0/ .
>>
>> Or are you all trying to do something else?

> The idea was to get an easy solution to mount a personal VPN
> in Linux using an external "pre-arranged" solution such as those
> you might use on windows or mac, (HotspotShield/TunnelBear).

I'm still puzzled, almost certainly due to my ignorance.
What exactly is a "personal VPN"?
Is OpenVPN a "personal VPN"?

As far as I can see, Hotspot Shield and Tunnel Bear
are both running VPN servers, on a free/commercial basis,
and if you subscribe to them you can run a VPN client
which communicates with or through them.
Or have I got that wrong?

> See, Win/Mac users don't mount their own VPN servers when they
> wanna use VPN because of those apps, I found a solution like
> that but for Linux, and that was what I was looking for in the first
> place.

It's not really clear to me what this has to do with Linux or Windows.
In fact, from a very quick glance at their bumpf,
it seemed to me that Hotspot Shield probably is running a Linux VPN server.

But I admit I'm far from expert on VPN.
 

--
Timothy Murphy  
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland

--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Reply | Threaded
Open this post in threaded view
|

Re: Personal VPN on Fedora

Manuel Escudero


2011/8/24 Timothy Murphy <[hidden email]>
Manuel Escudero wrote:

>> I'm puzzled by this thread.
>> It doesn't seem to me to be too difficult to set up an OpenVPN server,
>> following the instructions in /usr/share/openvpn/easy-rsa/2.0/ .
>>
>> Or are you all trying to do something else?

> The idea was to get an easy solution to mount a personal VPN
> in Linux using an external "pre-arranged" solution such as those
> you might use on windows or mac, (HotspotShield/TunnelBear).

I'm still puzzled, almost certainly due to my ignorance.
What exactly is a "personal VPN"?
Is OpenVPN a "personal VPN"?

As far as I can see, Hotspot Shield and Tunnel Bear
are both running VPN servers, on a free/commercial basis,
and if you subscribe to them you can run a VPN client
which communicates with or through them.
Or have I got that wrong?

> See, Win/Mac users don't mount their own VPN servers when they
> wanna use VPN because of those apps, I found a solution like
> that but for Linux, and that was what I was looking for in the first
> place.

It's not really clear to me what this has to do with Linux or Windows.
In fact, from a very quick glance at their bumpf,
it seemed to me that Hotspot Shield probably is running a Linux VPN server.

But I admit I'm far from expert on VPN.


--
Timothy Murphy
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland

--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


Made a little video tutorial about the easiest way to setup the
"Hostizzle" service in Linux (On Fedora KDE using NetworkManager)

Also I show how the tool works; Instructions in english are available
in video's description at Youtube:

http://youtu.be/gwhYl4QthO0

@Daniel: in KDE with NetworkManager I can leave SELinux Enabled and the Hozz VPN Works :)

@Timothy: Yeah, HSS & TunnelBear both are using OpenVPN Linux Servers, the thing is,
They're apps oriented for the final user, see:

To connect to a VPN (or parse your Internet Connection Trough one) you need 3 basic things:

1) The VPN Server (yours or external)

2) The VPN Software (OpenVPN for example)

3) The VPN Client (Kvpnc, NetworkManager)

The thing is, in Win & Mac, users just Download an app such as TunnelBear for example
and install it with a "Next>Next>Next" tool, then just click ENABLE and they're "magically"
browsing through VPN connection... They don't need to setup a private server, then parse the
keys and the certificates, then install all the things, deal with config files and so on...

I commited myself to the simple duty of finding something similar but for linux and
Hostizzle (with a little help from other tools) seem to be the closest alternative
to such software.

More clear? :)

Cheers.

--
Manuel Escudero
Linux User #509052
Twitter: @Jmlevick
Blogger: Blog Xenode
PGP/GnuPG: E2F5 12FA E1C3 FA58 CF15  8481 B77B 00CA C1E1 0FA7
Xenode Systems - xenodesystems.com - "Conéctate a Tu Mundo"

--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Reply | Threaded
Open this post in threaded view
|

Re: Personal VPN on Fedora

Marko Vojinovic-3
On Wednesday 24 August 2011 17:17:15 Manuel Escudero wrote:
> 2011/8/24 Timothy Murphy <[hidden email]>
> > Manuel Escudero wrote:
> > >> I'm puzzled by this thread.
> > >> It doesn't seem to me to be too difficult to set up an OpenVPN server,
> > >> following the instructions in /usr/share/openvpn/easy-rsa/2.0/ .
> > >>
> > >> Or are you all trying to do something else?

Sorry to drop in on this thread, but it seems that there is some
misunderstanding here... ;-)

Yes, apparently Manuel is trying to do something else, which has nothing to do
with creating a VPN on Fedora. He just expressed himself poorly. Read below.

> > > The idea was to get an easy solution to mount a personal VPN
> > > in Linux using an external "pre-arranged" solution such as those
> > > you might use on windows or mac, (HotspotShield/TunnelBear).

As far as I looked at the HotspotShield and TunnelBear websites, they
basically say:

<quote>
Q) What is TunnelBear?
A) TunnelBear is the world’s easiest to use consumer VPN software that
securely “tunnels” your internet connection to locations around the world.

Q) How does TunnelBear work?
A) TunnelBear creates a secure, encrypted connection between your computer and
a server in the host country you want to connect to. This both protects your
privacy allows you to simulate the internet experience from another country.

Hotspot Shield:
    * Secure your web session, data, online shopping, and personal information
online with HTTPS encryption.
    * Protect yourself from identity theft online.
    * Hide your IP address for your privacy online.
    * Access all content privately without censorship; bypass firewalls.
    * Protect yourself from snoopers at Wi-Fi hotspots, hotels, airports,
corporate offices.
</quote>

So it seems to me that TunnelBear and HotspotShield are commercial
*proxy* *servers*, which clients use by connecting via the VPN.

> > As far as I can see, Hotspot Shield and Tunnel Bear
> > are both running VPN servers, on a free/commercial basis,
> > and if you subscribe to them you can run a VPN client
> > which communicates with or through them.
> > Or have I got that wrong?

You got it right. You get logged on their VPN, and they "guarantee" to clients
anonymous access to the Internet, using their server as a proxy. The VPN is
used in order to provide encrypted connection between the server and the
client, and in addition to provide A&A via pay-for certificates.

> > > See, Win/Mac users don't mount their own VPN servers when they
> > > wanna use VPN because of those apps, I found a solution like
> > > that but for Linux, and that was what I was looking for in the first
> > > place.

This part is a bit confusing. It seems that Manuel doesn't make a distinction
between a VPN and these commercial proxy services. Win/Mac users that he
speaks about do not create a VPN, they are just clients to the commercial VPN.
So they do not need to set up any VPN server or something similar.

AFAIK, if you sign up for this service and get a certificate, you should not
need any special software to connect to the HS/TB VPN-s. NetworkManager should
be able to connect to them automatically, if configured to use the appropriate
certificates. So on Linux at least, no additional software should be necessary,
unless they are doing something weird and incompatible. As for Windows and
Mac, I don't know, but if anything needs to be installed, it is a VPN client
of some kind. Not the server.

> The thing is, in Win & Mac, users just Download an app such as TunnelBear
> for example
> and install it with a "Next>Next>Next" tool, then just click ENABLE and
> they're "magically"
> browsing through VPN connection...

The "Next>Next>Next" tool just installs VPN client software on Win/Mac, and
sets it up automatically for use with HS/TB networks.

> They don't need to setup a private
> server, then parse the
> keys and the certificates, then install all the things, deal with config
> files and so on...

These are steps you need to do when you want to create *your* *own* VPN, not
to use somebody else's network. Apples and oranges. :-)

> I commited myself to the simple duty of finding something similar but for
> linux and
> Hostizzle (with a little help from other tools) seem to be the closest
> alternative
> to such software.

Hostizzle is just another commercial proxy, in line with Hotspot Shield and
TunnelBear. It's not a software, it's an online service. It uses VPN (in
particular OpenVPN implementation) in order to provide its service.

> More clear? :)

The Hostizzle FAQ is very informative regarding what this is all about:

   http://hostizzle.com/faq/

In a nutshell, you sign up to use their VPN for all your internet traffic, using
their server as a gateway. This avoids various firewalls, insecure connections,
blocked ports, etc., at the expense of using their gateway.

The VPN itself has nothing to do with this. It is just a backend technology
that provides you a convenient way to use their server as a gateway to the
Internet.

All in all, the title of this thread is completely misleading. You (the OP)
don't actually want to set up your own VPN, you want to use this kind od
public proxy service, and need to set up a VPN client because this is the way
to communicate with that public proxy. Please don't mix these two things. :-)

VPN stands for a "Virtual Private Network", and basically represents an
emulation of a bunch of (virtual) ethernet cards and appropriate (virtual)
cables and switches, in order to create a (virtual) LAN over a physically
distributed set of hosts. This has absolutely nothing to do with the "public
proxy" service like Hostizzle, regardless of the fact that that VPN is used as
a backend means of communication between Hostizzle and yourself.

I hope this clears up a few things for everybody, especially for the OP. ;-)

HTH, :-)
Marko

--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Reply | Threaded
Open this post in threaded view
|

Re: Personal VPN on Fedora

Manuel Escudero


2011/8/24 Marko Vojinovic <[hidden email]>
On Wednesday 24 August 2011 17:17:15 Manuel Escudero wrote:
> 2011/8/24 Timothy Murphy <[hidden email]>
> > Manuel Escudero wrote:
> > >> I'm puzzled by this thread.
> > >> It doesn't seem to me to be too difficult to set up an OpenVPN server,
> > >> following the instructions in /usr/share/openvpn/easy-rsa/2.0/ .
> > >>
> > >> Or are you all trying to do something else?

Sorry to drop in on this thread, but it seems that there is some
misunderstanding here... ;-)

Yes, apparently Manuel is trying to do something else, which has nothing to do
with creating a VPN on Fedora. He just expressed himself poorly. Read below.

> > > The idea was to get an easy solution to mount a personal VPN
> > > in Linux using an external "pre-arranged" solution such as those
> > > you might use on windows or mac, (HotspotShield/TunnelBear).

As far as I looked at the HotspotShield and TunnelBear websites, they
basically say:

<quote>
Q) What is TunnelBear?
A) TunnelBear is the world’s easiest to use consumer VPN software that
securely “tunnels” your internet connection to locations around the world.

Q) How does TunnelBear work?
A) TunnelBear creates a secure, encrypted connection between your computer and
a server in the host country you want to connect to. This both protects your
privacy allows you to simulate the internet experience from another country.

Hotspot Shield:
   * Secure your web session, data, online shopping, and personal information
online with HTTPS encryption.
   * Protect yourself from identity theft online.
   * Hide your IP address for your privacy online.
   * Access all content privately without censorship; bypass firewalls.
   * Protect yourself from snoopers at Wi-Fi hotspots, hotels, airports,
corporate offices.
</quote>

So it seems to me that TunnelBear and HotspotShield are commercial
*proxy* *servers*, which clients use by connecting via the VPN.

> > As far as I can see, Hotspot Shield and Tunnel Bear
> > are both running VPN servers, on a free/commercial basis,
> > and if you subscribe to them you can run a VPN client
> > which communicates with or through them.
> > Or have I got that wrong?

You got it right. You get logged on their VPN, and they "guarantee" to clients
anonymous access to the Internet, using their server as a proxy. The VPN is
used in order to provide encrypted connection between the server and the
client, and in addition to provide A&A via pay-for certificates.

> > > See, Win/Mac users don't mount their own VPN servers when they
> > > wanna use VPN because of those apps, I found a solution like
> > > that but for Linux, and that was what I was looking for in the first
> > > place.

This part is a bit confusing. It seems that Manuel doesn't make a distinction
between a VPN and these commercial proxy services. Win/Mac users that he
speaks about do not create a VPN, they are just clients to the commercial VPN.
So they do not need to set up any VPN server or something similar.

AFAIK, if you sign up for this service and get a certificate, you should not
need any special software to connect to the HS/TB VPN-s. NetworkManager should
be able to connect to them automatically, if configured to use the appropriate
certificates. So on Linux at least, no additional software should be necessary,
unless they are doing something weird and incompatible. As for Windows and
Mac, I don't know, but if anything needs to be installed, it is a VPN client
of some kind. Not the server.

> The thing is, in Win & Mac, users just Download an app such as TunnelBear
> for example
> and install it with a "Next>Next>Next" tool, then just click ENABLE and
> they're "magically"
> browsing through VPN connection...

The "Next>Next>Next" tool just installs VPN client software on Win/Mac, and
sets it up automatically for use with HS/TB networks.

> They don't need to setup a private
> server, then parse the
> keys and the certificates, then install all the things, deal with config
> files and so on...

These are steps you need to do when you want to create *your* *own* VPN, not
to use somebody else's network. Apples and oranges. :-)

> I commited myself to the simple duty of finding something similar but for
> linux and
> Hostizzle (with a little help from other tools) seem to be the closest
> alternative
> to such software.

Hostizzle is just another commercial proxy, in line with Hotspot Shield and
TunnelBear. It's not a software, it's an online service. It uses VPN (in
particular OpenVPN implementation) in order to provide its service.

> More clear? :)

The Hostizzle FAQ is very informative regarding what this is all about:

  http://hostizzle.com/faq/

In a nutshell, you sign up to use their VPN for all your internet traffic, using
their server as a gateway. This avoids various firewalls, insecure connections,
blocked ports, etc., at the expense of using their gateway.

The VPN itself has nothing to do with this. It is just a backend technology
that provides you a convenient way to use their server as a gateway to the
Internet.

All in all, the title of this thread is completely misleading. You (the OP)
don't actually want to set up your own VPN, you want to use this kind od
public proxy service, and need to set up a VPN client because this is the way
to communicate with that public proxy. Please don't mix these two things. :-)

VPN stands for a "Virtual Private Network", and basically represents an
emulation of a bunch of (virtual) ethernet cards and appropriate (virtual)
cables and switches, in order to create a (virtual) LAN over a physically
distributed set of hosts. This has absolutely nothing to do with the "public
proxy" service like Hostizzle, regardless of the fact that that VPN is used as
a backend means of communication between Hostizzle and yourself.

I hope this clears up a few things for everybody, especially for the OP. ;-)

HTH, :-)
Marko

--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines


Yep, what marko just said is most accurate about the technical
aspect of the whole thing... in one simple sentence: HSS, TunnelBear
Hostizzle, "and friends" are just services where someone mounts a VPN
and then simply share with the people some ways to access it, via free
or paid OpenVPN certificate packs wich contain a "ovpn" file to use in
the configuration via your native networking client (such as networkmanager)...

Win/Mac solutions are "a little more packed"; In linux it requires some more
"setup steps" to work, but esentially it's the same.

So, yep I wasn't talking about CREATING my own VPN but finding
a service that let me connect to a "pre-mounted" VPN as I perfectly said in the first
message I sent, (and nobody answered that), so I shared the solution I found
for the actual question. 

C'ya! :)

--
Manuel Escudero
Linux User #509052
Twitter: @Jmlevick
Blogger: Blog Xenode
PGP/GnuPG: E2F5 12FA E1C3 FA58 CF15  8481 B77B 00CA C1E1 0FA7
Xenode Systems - xenodesystems.com - "Conéctate a Tu Mundo"

--
users mailing list
[hidden email]
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Reply | Threaded
Open this post in threaded view
|

Re: Personal VPN on Fedora

Bareis_56
This post has NOT been accepted by the mailing list yet.
In reply to this post by Manuel Escudero
Hey, why don’t you try Express VPN. It is absolutely suitable for such needs and the best thing is that they have not data log policy which ultimately makes your data 100% secured. I was also looking for best vpn china and bought their monthly subscription. It worked amazingly for me.