How to Create a VPN Kill Switch - Chris Titus Tech
video description
Date: 2022-03-21
Related videos
Comments and reviews: 10
trythat
Nice simple video. I do prefer to use docker myself and usually use the binhex/arch-delugevpn container. I also prefer to use Deluge, I like the option of having a web front-end and an optional client (I really like the client option) . The nice thing with binhex's container is that it has a builtin kill-switch, I also think it has a reverse proxy if you need it.
binhex does loads of containers especially for Unraid, but thats the beauty of docker, it doesn't matter :) I do use OpenMeadiaVault on a old NUC and sometimes a Raspi 3 or 4.
Again nice video, I do like to have a watch most times, nice to see a more detailed video as well. I'm looking forward to more in depth ones as you progress.
reply
Nice simple video. I do prefer to use docker myself and usually use the binhex/arch-delugevpn container. I also prefer to use Deluge, I like the option of having a web front-end and an optional client (I really like the client option) . The nice thing with binhex's container is that it has a builtin kill-switch, I also think it has a reverse proxy if you need it.
binhex does loads of containers especially for Unraid, but thats the beauty of docker, it doesn't matter :) I do use OpenMeadiaVault on a old NUC and sometimes a Raspi 3 or 4.
Again nice video, I do like to have a watch most times, nice to see a more detailed video as well. I'm looking forward to more in depth ones as you progress.
reply
Dimitris
Now you have to setup a machine for remote vpn connections. Specially useful in environments where ISP has weird requirements to sync the line with the client and in most cases (at least where I live) you need his router which is garbage and apart from that refuses to work in bridge mode, leaving you helpless if you want to setup vpn with a router device. Pfsense is another way accomplishing that but you need a dedicated machine like the one you setup now.
Also in no guide I found someone referring to ways you can check the h/w requirements for 5 - 10 -50 clients connecting to that machine. What would you need in h/w specs?
reply
Now you have to setup a machine for remote vpn connections. Specially useful in environments where ISP has weird requirements to sync the line with the client and in most cases (at least where I live) you need his router which is garbage and apart from that refuses to work in bridge mode, leaving you helpless if you want to setup vpn with a router device. Pfsense is another way accomplishing that but you need a dedicated machine like the one you setup now.
Also in no guide I found someone referring to ways you can check the h/w requirements for 5 - 10 -50 clients connecting to that machine. What would you need in h/w specs?
reply
Martin
I'm not sure if I did something wrong but this as written is not working for me.
I am still with PIA, I know I should look to move, will look at that soon. What I am finding is that after reboot I am getting no connection. I think the UFW firewall is blocking the openvpn connection from resolving the address of the PIA server.
I changed the address of the PIA server to the ip address in the openvpn conf file and the connection now seems to work.
It would be good to know if there is a better way using UFW rules.
reply
I'm not sure if I did something wrong but this as written is not working for me.
I am still with PIA, I know I should look to move, will look at that soon. What I am finding is that after reboot I am getting no connection. I think the UFW firewall is blocking the openvpn connection from resolving the address of the PIA server.
I changed the address of the PIA server to the ip address in the openvpn conf file and the connection now seems to work.
It would be good to know if there is a better way using UFW rules.
reply
benriful
Next -challenge-: Use a VPN for what it was really intended - instead of just a means to encrypt a proxy connection. Make it so you can connect to your home LAN from anywhere as if you're there, able to see all shares and computers just as if you plugged in a LAN cable from anywhere in the world. Bonus if those home computer can then also reverse connect to whatever remote device you are using abroad.
reply
Next -challenge-: Use a VPN for what it was really intended - instead of just a means to encrypt a proxy connection. Make it so you can connect to your home LAN from anywhere as if you're there, able to see all shares and computers just as if you plugged in a LAN cable from anywhere in the world. Bonus if those home computer can then also reverse connect to whatever remote device you are using abroad.
reply
Eroldin
A little tip, sometimes you might need to open port 53 for the initial DNS request to the VPN server itself.
you can add it with the command -sudo ufw allow out 53- at least this was necessary on Arch.
Also, when using Arch the .secrets and express.conf (or whatever you name it) should placed in -/etc/openvpn/client/-
reply
A little tip, sometimes you might need to open port 53 for the initial DNS request to the VPN server itself.
you can add it with the command -sudo ufw allow out 53- at least this was necessary on Arch.
Also, when using Arch the .secrets and express.conf (or whatever you name it) should placed in -/etc/openvpn/client/-
reply
benriful
Can you set it to auto-reconnect if it dropped for some reason? I'm thinking some cron script doing a ping and checking the return status, restarting openvpn if no ping is reachable. Though that just feels a bit like using a hammer to turn a screw. There must be a less convoluted way.
reply
Can you set it to auto-reconnect if it dropped for some reason? I'm thinking some cron script doing a ping and checking the return status, restarting openvpn if no ping is reachable. Though that just feels a bit like using a hammer to turn a screw. There must be a less convoluted way.
reply
Milan
I added
net.ipv6.conf.eth0.disable_ipv6=1 to the sysctl.conf.
After hitting sudo sysctl -p, all values turned to 1.
However, every time i reboot my vm and recheck if all interfaces are still disabled, eth0 keeps returning to a value of 0. Anyone else have this issue?
reply
I added
net.ipv6.conf.eth0.disable_ipv6=1 to the sysctl.conf.
After hitting sudo sysctl -p, all values turned to 1.
However, every time i reboot my vm and recheck if all interfaces are still disabled, eth0 keeps returning to a value of 0. Anyone else have this issue?
reply
Michel
Thanks for the video, I've followed the steps, now my only problem is that the vpn address can't be resolve? Not sure what to do, by the mean time I've putted the ip address in the openvpn -.conf file and it's working. What would be the best solution for this? Thanks.
reply
Thanks for the video, I've followed the steps, now my only problem is that the vpn address can't be resolve? Not sure what to do, by the mean time I've putted the ip address in the openvpn -.conf file and it's working. What would be the best solution for this? Thanks.
reply
hwy9nightkid
U just got me convinced to sign up for expressVPN on your affiliate link, thanks for the tips! If I can make one more request.. could you explain how I can setup a home-lab that I can access from the public internet? Big ups to your content!
reply
U just got me convinced to sign up for expressVPN on your affiliate link, thanks for the tips! If I can make one more request.. could you explain how I can setup a home-lab that I can access from the public internet? Big ups to your content!
reply
vova0007
Thank you Chris for great videos as always! If I am using another VPN, like CyberGhost for instance, how can I made that start automatically once my Linux Mint is starting? Thank you in advance.
reply
Thank you Chris for great videos as always! If I am using another VPN, like CyberGhost for instance, how can I made that start automatically once my Linux Mint is starting? Thank you in advance.
reply
Add a review, comment
Other channel videos
