VPN on virtual machine

Michael Butash michael at butash.net
Thu Sep 20 13:48:21 MST 2018


I've begun looking into dockerizing it a few times, others have done them
separately, always the scripting and networking seem problematic as needing
to spawn openvpn inside of it, and allow multiple inbound socket
translations to the local servers.

I've cloned my instance a few times to make portable or change to drop to
different drives automatically, and configs are fairly portable, but
scripting it cleanly to deploy in docker is beyond my abilities and current
desire to want to learn.  My reaper VM is small enough it doesn't bother me
to have it (or a few) running, and was portable to reconfig to work in kvm
from vbox recently.

-mb

On Thu, Sep 20, 2018 at 1:29 PM Stephen Partington <cryptworks at gmail.com>
wrote:

> This would be a fascinating docker container idea.
>
> On Thu, Sep 20, 2018 at 1:00 PM Michael Butash <michael at butash.net> wrote:
>
>> The VM is pretty lightweight, I give it 2 cores and 2gb of ram, though
>> looking it's only using 102m of ram with everything running, but my current
>> pc is loaded with ram, so I don't much split harirs these days.
>>
>> -mb
>>
>>
>> On Thu, Sep 20, 2018 at 2:49 AM Jim <jim.nantz15 at comcast.net> wrote:
>>
>>> Thanks for the advice.  I'll have to do some more reading to understand
>>> all that well enough to try it myself, and get some cash together before I
>>> buy a computer that will support all that.
>>>
>>> I have a Dell 32 bit dinosaur (wallace kubuntu 14) and this computer
>>> (ladmo kubuntu 18 64 bit).  I have apache2 on wallace so I can share the
>>> occasional file with friends.  Instead of taking a short sound clip and
>>> making a video out of it so I can share it with friends on facebook, I just
>>> put it on wallace and give them the url.  I also keep copies of my pictures
>>> and music collection on wallace.  So I have /var/www/html on wallace and
>>> the user account on wallace mounted on ladmo via nfs.   I also have an ssh
>>> server on wallace so I can access it from ladmo and so I can transfer files
>>> between my phone and wallace via sftp.  I had wallace connected to the
>>> router via the 100 mbit nic built into it until Saturday when I found a
>>> gigabit nic in the cabinet where I keep boxes of parts.
>>>
>>> Good luck with your setup Michael.  I would suspect nobody knows what
>>> you're doing online except the CIA. :-)
>>>
>>> On 09/19/2018 10:34 PM, Michael Butash wrote:
>>>
>>> I use transmission-daemon as a server on the vm with the vpn, and
>>> connect to the server on port 9091 with a transmission-remote client on
>>> your local lan workstation.  The vpn should override your default routing,
>>> and make sure to kill ipv6 as a sysctl too.  I setup a dns for the local
>>> server ip running the transmission server, and make it available on a
>>> bridged interface to the rest of my lan.  I use stickshift on my phone to
>>> manage/view them then.  I usually run squid socks proxy on it too, using a
>>> proxy switcher on chrome as an extension to flip between on and off use out
>>> that connection as well.
>>>
>>> For extra credit, I setup unbound to do encrypted dns to cloudflare on
>>> it via some google tutorials, and I use zerotier as a link all my servers
>>> and clients into a local-ish lan vpn that I can access on cell, work,
>>> public wifi, wherever really.  Check them out at zerotier.com.
>>>
>>> -mb
>>>
>>> On Tue, Sep 18, 2018 at 3:56 PM Jim <jim.nantz15 at comcast.net> wrote:
>>>
>>>> I finally got the vpn working, but I'm having trouble with bittorrent.
>>>> So far I've tried Deluge. The next time I have time to mess with it, I can
>>>> try another bittorrent client.  Michael, which one do you use?
>>>>
>>>> On 09/18/2018 11:35 AM, Michael Butash wrote:
>>>>
>>>> How are you configuring the openvpn connection?  Using PIA vpn, they
>>>> give you an openvpn file to connect with, or at least did last I set it up,
>>>> and otherwise should just need the package dependencies installed with
>>>> openvpn.
>>>>
>>>> I'd say launch openvpn via the cli in debug to see what errors it's
>>>> giving with the ovpn file.
>>>>
>>>> Bridge or nat should be irrelevant, I've run mine both ways.  You
>>>> should only need ports 1194 out to your VPN provider, you don't need to
>>>> port forward one back, and actually recommend you do NOT unless you're
>>>> wanting an openvpn server yourself to connect back to.  Mine works fine out
>>>> via NAT.
>>>>
>>>> -mb
>>>>
>>>> On Mon, Sep 17, 2018 at 10:57 PM Jim <jim.nantz15 at comcast.net> wrote:
>>>>
>>>>> I decided to try a virtual machine for bittorrent.  The host machine
>>>>> runs kubuntu 14.04 with 4GB RAM. I've installed virtualbox 5.2.18.
>>>>> The
>>>>> virtual machine is running lubuntu 18 and has 1GB RAM.  The problem is
>>>>> with the vpn.  I can't get openvpn or pptp to work.  I configured them
>>>>> using the same instructions I did on the host machine.  When I try to
>>>>> start a VPN connction(openvpn or pptp)  on the guest machine, the icon
>>>>> appears to show it's trying to connect, then it just stops without
>>>>> offering any error message.  In  Virtualbox's settings for the guest
>>>>> machine under network, I chose attached to NAT.
>>>>>
>>>>> Any ideas what I should do different?
>>>>>
>>>>> thanks
>>>>>
>>>>
>>>> ---------------------------------------------------
>>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>>> To subscribe, unsubscribe, or to change your mail settings:
>>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>
>>>
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>> To subscribe, unsubscribe, or to change your mail settings:http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>>
>>>
>>> ---------------------------------------------------
>>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>>> To subscribe, unsubscribe, or to change your mail settings:
>>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>>
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
>
>
>
> --
> A mouse trap, placed on top of your alarm clock, will prevent you from
> rolling over and going back to sleep after you hit the snooze button.
>
> Stephen
>
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20180920/74bdb2b8/attachment.html>


More information about the PLUG-discuss mailing list