This is Gentoo's testing wiki. It is a non-operational environment and its textual content is outdated.

Please visit our production wiki at https://wiki.gentoo.org

VPN Services

From Gentoo Wiki (test)
Jump to:navigation Jump to:search

VPN services are offered by several companies. They allow users to protect their privacy and security while using the Internet. Guides to using various service providers on Gentoo are below.

Private Internet Access

https://www.privateinternetaccess.com/

The following will auto-start openvpn upon boot:

  1. Buy a subscription and log in
  2. root #echo "net-vpn/openvpn passwordsave examples" >> /etc/portage/package.use # optional
  3. root #emerge --ask openvpn
  4. Go to https://www.privateinternetaccess.com/pages/client-control-panel and locate the "PPTP/L2TP/SOCKS Username and Password"
  5. Generate Username/Password if they are not there
  6. In the next step, replace USERNAME and PASSWORD with the located or generated ones.
    root #cd /etc/openvpn
    root #echo "USERNAME" >> login.conf
    root #echo "PASSWORD" >> login.conf
  7. Download the privateinternetaccess configurations and certificates.
    root #mkdir -p pia
    root #cd pia
    root #unzip openvpn.zip
    root #cp US\ East.ovpn ../openvpn.conf # replace with your desired region
    root #cd ..
    root #ln -s pia/ca.rsa.2048.crt
    root #ln -s pia/crl.rsa.2048.pem
  8. Modify the configuration file and permissions.
    root #echo "auth-nocache" >> openvpn.conf
    root #echo "auth-user-pass login.conf" >> openvpn.conf
    root #chmod 600 openvpn.conf login.conf pia/*
    root #chmod 700 pia
  9. Start the service and add to default runlevel.
    root #/etc/init.d/openvpn start
    root #rc-update add openvpn # don't use this line if you don't want openvpn upon boot

If Openvpn doesn't connect you would want to add www.privateinternetaccess.com's DNS servers to your /etc/resolv.conf.head file. Create '/etc/resolv.conf.head' file if it doesn't already exist, edit the file by adding the two DNS servers:

FILE /etc/resolv.conf.head
nameserver 209.222.18.222
nameserver 209.222.18.218

Go to www.privateinternetaccess.com's to make sure you entered the correct DNS servers:

  • Click on 'Client Support Tab' and scroll down to 'DNS leak protection' section

Save and Reboot.

Troubleshooting

The above setup requires that root has write permission on /etc/resolv.conf. To make sure this is the case run

root #lsattr /etc/resolv.conf

If the output looks like this

root #lsattr /etc/resolv.conf
----i---------e---- /etc/resolv.conf

than, since "i" means that the file has the immutable bit, not even the root can write on it. To change that just run

root #chattr -i /etc/resolv.conf

and reboot.

Retrieved from "https://wikitest.gentoo.org/index.php?title=VPN_Services&oldid=711230"