Why Should I Use a VPN

Discussion in 'privacy technology' started by merisi, Jan 3, 2013.

Thread Status:
Not open for further replies.
  1. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802
    AirVPN pfSense client VM (UDP mode)
    ..........adaptor 1 = WAN : NATed to host machine
    ..........adaptor 2 = LAN : connected to internal network "AirVPN"

    Tor Gateway VM
    ..........adaptor 1 = WAN : connected to internal network "AirVPN"
    ..........adaptor 2 = LAN : connected to internal network "Tor"

    Mullvad pfSense client VM (TCP mode)
    ..........adaptor 1 = WAN : connected to internal network "Tor"
    ..........adaptor 2 = LAN : connected to internal network "Mullvad"

    Ubuntu workstation VM
    ..........adaptor 1 : connected to internal network "Mullvad"
    Reply With Quote



    ok adjusted some updated rules as noticed,everythings set and ready, used this rule to test the vpn>tor>vpn setup , again , and it works , so now its up to getting this to work with the host , ill be waiting for good news ;)


    btw same as before , you can forget nameservers working for the outer vpn hell im not even sure if it even works for the inner one , and using the rule explicit-exit-notify 5 setup in any of your vpn vms udp or tcp dont matter it will result in a non working vpn>tor>vpn setup
     
    Last edited: Jan 27, 2013
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,441
    OK, I've learned how to do it :)

    I got the following from -http://timita.org/wordpress/2011/07/29/protect-your-windows-laptop-with-pfsense-and-virtualbox-part-1-preamble/. He also explains how to set up VirtualBox so that the VMs start automatically when Windows boots. But I haven't tested that part yet. If you don't do that, your host machine (except for VirtualBox, which is bypassing the Windows network stack) will have no Internet connectivity when it boots up. You'll first need to start the VMs (VPN>Tor>VPN). Or you can add IPv4 back to your Local Area Connection.

    Anyway, here's what to do.

    The first pfSense VM in your chain ("AirVPN pfSense VM") should have its Adapter 1 bridged to the host machine's physical network adapter. It will get an IP address from your LAN router, just like your host machine does. That is, the AirVPN pfSense VM will appear on your LAN as if it were another physical machine.

    The last pfSense VM in your chain ("Mullvad pfSense VM") should have its Adapter 2 bridged to the host machine's Microsoft Loopback Adapter. I was wrong about using a host-only adapter :(

    You'll probably first need to install Microsoft Loopback Adapter, as explained here -http://www.youtube.com/watch?v=gmynCBKyWxQ.

    Open Firefox on the host machine, and verify that you can reach the pfSense Mullvad VM's GUI at "https://192.168.2.1". If you can, that means that the loopback adapter is working.

    The last step is nuking Internet connectivity through your host machine's physical network adapter (normally "Local Area Connection"). Right click on it in "Network Connections", and select "Properties". Deselect "Internet Protocol Version 4 (TCP/IPv4)" [and "Internet Protocol Version 6 (TCP/IPv6)" if it's enabled] and click "OK". Run "ipconfig /all" on your host machine. It should now be getting its IP address from the pfSense Mullvad VM, and no longer from your LAN router.

    You should now have Internet connectivity only through the VPN>Tor>VPN chain :)

    And you will have no connectivity to anything on your LAN, unless you add IPv4 back to your Local Area Connection.

    Edit: Actually, there's another way. You could create a third pfSense VM ("Host pfSense VM") interposed between the host and the AirVPN pfSense VM. Now the setup looks like this:

    For Host Internet Connectivity Through VPN>Tor>VPN

    Host Machine
    ..........Local Area Connection: neither IPv4 nor IPv6 enabled in "Properties"
    ..........Microsoft Loopback Adapter: installed

    Host pfSense VM (just stock pfSense install with no changes)
    ..........Adaptor 1 = WAN : bridged to host machine's physical network adapter
    ..........Adaptor 2 = LAN : connected to internal network "Host"

    AirVPN pfSense client VM (UDP mode)
    ..........Adaptor 1 = WAN : connected to internal network "Host"
    ..........Adaptor 2 = LAN : connected to internal network "AirVPN"

    Tor Gateway VM
    ..........Adaptor 1 = WAN : connected to internal network "AirVPN"
    ..........Adaptor 2 = LAN : connected to internal network "Tor"

    Mullvad pfSense client VM (TCP mode)
    ..........Adaptor 1 = WAN : connected to internal network "Tor"
    ..........Adaptor 2 = LAN : bridged to the host machine's Microsoft Loopback Adapter

    For Host Internet Direct Connectivity Without VPN>Tor>VPN

    Just change adapter connections on "Host pfSense VM", "AirVPN pfSense client VM" and "Mullvad pfSense client VM". You can connect to the Internet through the VPN>Tor>VPN chain using the Xubuntu VM.

    Host Machine
    ..........Local Area Connection: neither IPv4 nor IPv6 enabled in "Properties"
    ..........Microsoft Loopback Adapter: installed

    Host pfSense VM (just stock pfSense install with no changes)
    ..........Adaptor 1 = WAN : bridged to host machine's physical network adapter
    ..........Adaptor 2 = LAN : bridged to the host machine's Microsoft Loopback Adapter

    AirVPN pfSense client VM (UDP mode)
    ..........Adaptor 1 = WAN : bridged to host machine's physical network adapter
    ..........Adaptor 2 = LAN : connected to internal network "AirVPN"

    Tor Gateway VM
    ..........Adaptor 1 = WAN : connected to internal network "AirVPN"
    ..........Adaptor 2 = LAN : connected to internal network "Tor"

    Mullvad pfSense client VM (TCP mode)
    ..........Adaptor 1 = WAN : connected to internal network "Tor"
    ..........Adaptor 2 = LAN : connected to internal network "Mullvad"

    Xubuntu workstation VM
    ..........Adaptor 1 : connected to internal network "Mullvad"


    PPS: If you have problems, try it with a "dummy" VM chain:

    Host Machine
    ..........Local Area Connection: neither IPv4 nor IPv6 enabled in "Properties"
    ..........Microsoft Loopback Adapter: installed

    Host pfSense VM (just stock pfSense install with no changes)
    ..........Adaptor 1 = WAN : bridged to host machine's physical network adapter
    ..........Adaptor 2 = LAN : connected to internal network "Host"

    Test pfSense VM (just stock pfSense install with no changes)
    ..........Adaptor 1 = WAN : connected to internal network "Host"
    ..........Adaptor 2 = LAN : bridged to the host machine's Microsoft Loopback Adapter
     
    Last edited: Jan 28, 2013
  3. merisi

    merisi Registered Member

    Joined:
    Dec 17, 2012
    Posts:
    316
    I very far behind in my VM, VPN classes. I'm just getting to grips with my VM. When I run a VPN, would I install that within the VM or can I get away with doing that in my main OS and would it automatically work in my VM?

    Mirmir, I read on another thread about the difference between using a VPN on your OS and on a VM and you said that it looks like raw internet data. I'm not sure what you mean by that and would be very grateful for an explanation.
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,441
    If your goal is simply to run a VPN, you can do that in the host machine. Any VM that you run will connect to the Internet through the host VPN, as long as its network adapter is NATed to the host (which is the default setting for new VMs).

    If you do that, you can run a second VPN in the VM, and it will connect through the host VPN. You can also run Tails in a VM, and it will connect to the Tor network through the host VPN. Or you can install the two Whonix VMs, and Whonix will connect to the Tor network through the host VPN.

    Alternatively, you can run no VPN in the host machine, but rather in a VM. And then you can chain multiple VMs running VPNs, Tor, I2P, Freenet and/or whatever.

    I don't remember that. What's the URL?
     
  5. merisi

    merisi Registered Member

    Joined:
    Dec 17, 2012
    Posts:
    316
    https://www.wilderssecurity.com/showpost.php?p=2172326&postcount=2

    There's the post, I think I misquoted what you said but I'm still interested.

    I've just tried running a VPN in host and then running a VM and I was pleased to see that the IP changes were also happening inside the VM. While I'm interested in multiple VMs and VPNs, other people have mentioned that this will draw more attention to you rather than distracting it away. I'm not even sure what my ISP or anyone else can see of internet use and in what form. I still feel very much the novice though I very much appreciate your help mirmir.
     
  6. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,441
    Ah. You asked: "Is there a way to, let's say have one media browser on the same machine which bypasses the VPN but all other traffic go through it?" And I said: "In this case, you'd run your VPN on the VM. Host sees naked Internet, and VM uses VPN."

    That is, a media browser on the host would access the Internet directly, not through the VPN. Only a media browser in the VM would access the Internet through the VPN.

    Only the "outer" VPN provider knows that you're using anything more that a single VPN. Other services, such as another VPN provider or Tor entry nodes, know that you're using more, but they don't know who you are (unless the first VPN cooperates).

    Your ISP knows every site that you access, and can see all content, except for traffic using encryption such as HTTPS, SSL/TLS, SSH, etc.

    De nada :)
     
  7. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802
    awesome sauce , it works!!!!!!!!!!!!!!!!!!!!!!!!

    ok but lemme tell you at the start it didnt , why , cause ive set a manual ip and manual dns as was recommended by air since windows is known to leak dns requests if not set as so ,in my physical net adapter , as soon as i set it to auto it worked , perfect!, not sure why it would even matter thou since i disable ipv4 and 6 , very weird , ive had problems with the 4 vm setup as well , dont work , but 3 is better than 4 anyhow right, less hoops to go through , i guess? btw how would i go about when i want to set up an extra zone for simple speed aka my host using only one vm aka air vm , so i could switch between vpn>tor>vpn and one vpn , depending on speed needs vs security

    id like to hear your oppinion on this mirimir , and another thing now with this up and running would i still have to setup global comodo rules as ive linked you too ,or none at all or what , advice would be much appreciated


    btw i reckon i can disable ipv6 in the loopback microsoft adapter right, i hate ipv6 its a liability


    and well have to talk about some finetuning and about tor nodes , is there a specific sort the tor gateway chooses or can one configure it so that it wont choose shady nodes and how to choose nodes that are closer to the vpn servers used since i recon that would get an extra speed gain



    well that should be a given to set it up to do so, btw i feel better already , abit slower but thats ok ,lols


    and i recon i can remove the virtualbox host only adapter , btw ive thought about this alot , id recon using your real ip on the decoy OS , since the banking servers will have the time youve logged in and if theres no connection logs on your pc for that time , somethings gona seem fishy, windows does gather connection logs i asume and what about the airvpn vm does it leak any net connection logs to windows , gotta know this since

    ill be setting up a air vm on my decoy for anything else than banking as well since your isp sees your connecting to a vpn, without vpn logs in windows youd be able to use the vpn>tor>vpn setup without breaking plausible deniability , since you have a air vm running on your decoy as well and can just say well i run a air vm because its more secure than just using the air client and i want all my net activity thats not tied to me personally be anonymous , the vpn>tor>vpn is just for my hidden os

    ill be awaiting some nice feedback and down the rabbit hole we go , wohoo

    fyi back in the days this setup wouldve been impossible for regular use, wouldve taken a basic website 10 years to load, lmfao


    update>wasnt able to setup the autostart feature as per your link , check the guys tut out on setting up autostart , and lemme know how to get this thing goin , since ive did everything step by step as instructed here


    http://timita.org/wordpress/2011/08...virtualbox-headless-vm-auto-save-stateresume/


    mindboggled why it wont work , once again , btw dont know if this counts , but ive disabled remote desktop sharing o_O

    i dont really get it is he sayin i should use VBoxVmService, or instead use the VBScript or both as i am atm

    my vboxvmservice ini , looks as such


    [Settings]
    ServiceName=VBoxVmService
    VBOX_USER_HOME=C:\Users\unknown\.VirtualBox
    RunWebService=no
    PauseShutdown=5000

    [Vm0]
    VmName=pfSense201x64 aka Gateway Airvpn
    ShutdownMethod=savestate
    AutoStart=no

    [Vm1]
    VmName=pfSense201x64 aka Gateway Mullvad
    ShutdownMethod=savestate
    AutoStart=no

    [Vm2]
    VmName=Tor gateway 0.5.3
    ShutdownMethod=savestate
    AutoStart=no


    this is his vbscript


    Set WshShell = WScript.CreateObject("WScript.Shell")

    cmd = chr(34) & "C:\Program Files\Oracle\VirtualBox\VBoxHeadless.exe" & chr(34) & " --startvm" & " pfSense"

    obj = WshShell.Run(cmd, 0)

    set WshShell = Nothing


    not sure if this is ok for my setup or if i should change something bout it, when i restart my host and check in taskmanager if the service is running its stopped , thou in services you can see its set to autostart, weird
     
    Last edited: Jan 29, 2013
  8. merisi

    merisi Registered Member

    Joined:
    Dec 17, 2012
    Posts:
    316
    I just wanted to add that I tried out three Linux distros in VirtualBox and I've found Linux Mint 13 (Maya) to be an absolute delight. It's very smooth and fits nicely in full screen. I would consider using it for my internet use regardless of anything else. Ubuntu 12.04 is a pretty horrible experience and nearly completely put me off. It's funny because when I dual boot with Linux I've always found Ubuntu great and Mint to be a problem. Also got Xbuntu running and although it lags a bit it seems good.

    Think I'll give AirVPN a good go next. I didn't really get on with BolehVPN after trialing it.
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,441
    Congratulations, happyyarou666! You totally hung in there.

    I don't have a clue. But if "auto" works, use it.

    You probably want to verify that Windows can't send anything through that adapter. After all, Windows is still using it, at least to the extent that VBox can connect through it.

    For leak testing that, you'll need to capture on LAN in your router. If you don't have a router that does that, you could build one running pfSense ;)

    That's true. But probably it didn't work because the host pfSense VM wasn't set up and/or connected correctly.

    I added it to simplify switching back to normal Internet connectivity through the host's physical adapter. But that's not necessary if adding IPv4 back works consistently, without having to mess with it.

    That's easy. You already have an internal network "AirVPN" running. Just add a pfSense VM, with default settings (no VPNs, no changes in NAT or firewall rules, etc). Connect Adapter 1 (WAN) to internal network "AirVPN", and Adapter 2 (LAN) to the loopback adapter. But first disconnect the Mullvad pfSense client VM from the loopback adapter.

    I don't know Windows firewalls. It's been too long since I've used Windows for anything that requires serious security and privacy. But I'm sure that other Wilders users could help, if we get their attention. Having said that, I suspect that you could apply whatever rules you had on the physical net adapter to the loopback adapter. But that's a total guess.

    You probably can. But it's already off in pfSense by default.

    Eventually, we will need to understand how to use IPv6 securely. I suspect that total compartmentalization will be needed, because every device will (potentially, anyway) be uniquely identified to all peers.

    You're not (AFAIK) using ra's fast gateway, so it's just (AFAIK) the default Tor setup. I wouldn't mess with it.

    Eventually, it'd be prudent to switch to ra's Incognito gateway, because it will be using the latest Tor releases. I just tried it again, and it's not working, even simply with a workstation VM. We need to figure out what's up with that.

    I've also looked at the Whonix gateway again. It doesn't work in a VPN>Whonix>VPN chain because it's not running a DHCP server. I've tried setting up pfSense with a static WAN IP in the same range as the Whonix gateway's SOCKS proxies, but can't get pfSense to recognize it as a gateway. That probably means that pfSense would need a SOCKS client on WAN. Unless someone can convince me that using the Whonix gateway instead of ra's gateway is better (more secure) I'm not going to bother.

    :)

    Yes.

    That makes sense.

    Even so, the decoy OS logs won't reflect anything you did on the hidden OS. Your ISP's records will show when you were connected to AirVPN. It'll look suspicious if there's nothing in your decoy OS logs reflecting that.

    Windows logs all sorts of stuff.

    I don't know. Windows may log when the AirVPN pfSense VM bridges to the host net adapter.

    The best solution would be using AirVPN in both the decoy and hidden OS, and preventing all network logging in the decoy OS. I recommend starting a separate thread for that question.

    :)

    Word. It's still pretty slow (latency over 600ms) sometimes.

    I haven't worked on that yet.

    Hey ;)

    o_O

    o_O

    Why "AutoStart=no"? Is that because he starts them with the vbscript?

    I suspect that there should be three lines like

    Code:
    cmd = chr(34) & "C:\Program Files\Oracle\VirtualBox\VBoxHeadless.exe" & chr(34) & " --startvm" & " pfSense"
    with one for each pfSense VM. And they should probably start in the right order, with enough delay to allow AirVPN to connect before Tor is started, and to allow Tor to connect before Mullvad is started.
     
  10. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,448
    Question: Why go to all this trouble? Isn't it painting a huge target on your back? If someone was port scanning they would think there would be something very very important on this Pfsense network.

    Why do you need Pfsense if you have a good firewall router? Shouldn't your router do the same thing if it's a decent brand/model with security features?
     
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,441
    Regarding using VPN1>Tor>VPN2, I see five main advantages:

    1. ISP sees VPN1 connection but not Tor or VPN2
    2. Tor entry nodes (which could be evil) see VPN1 exit IP, not real public IP
    3. Tor exit nodes (which could be evil) see VPN2 entry IP, not websites visited
    4. Tor exit nodes (which could be evil) see only encrypted VPN2 traffic
    5. websites visited see VPN2 exit IP, not Tor exit (which they may be blocking)
    I'm not sure why happyyarou666 wants VPN1>Tor>VPN2 from his host machine, rather than a VM. Maybe it's because he's a gamer :)

    Attackers port scanning his ISP-assigned IP address would just see his LAN router, and nothing about the pfSense VMs. Attackers could see and port scan his VPN1, Tor and VPN2 exit IP addresses, but they wouldn't see anthing about the pfSense VMs there either. And they couldn't correlate correlate all of that without serious effort (compromising Tor and two VPNs). I don't see how "port scanning" could see any "huge target".

    Oh, wait. Maybe you're just talking about my suggestion to use pfSense on his router/firewall. Lots of people use pfSense, even on home networks. Try it, you'll like it ;)
     
  12. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,448
    Nah I'll pass at the moment. Too complicated, I like to keep things simple.

    Just load up a Talis or Liberte VM and easy as you like, your done.

    BTW mirimir what do you think of Liberte? http://dee.su/liberte, Gentoo based Linux LIVECD.
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,441
    I've never used it. By the time I became aware of it, I'd already gone too far down the VM path to be interested. But FWIW, I did get the idea for the VM path from early stuff from Joanna Rutkowska about the Qubes project ;)
     
  14. ComputerSaysNo

    ComputerSaysNo Registered Member

    Joined:
    Aug 9, 2012
    Posts:
    1,448
    Joanna Rutkowska oooh la la :-*

    Yes Qubes is a fine work of art, once Version 2 comes out of Beta that will be my next OS. Have you tried version 1 mirimir?
     
  15. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,441
    Yes, I have, and I liked it. I found it generally very intuitive, and I'm sure that it's very secure.

    What I didn't find intuitive was setting up networking modules for VPNs and Tor, and chaining them for particular app modules. I was busy with other stuff, and needed to free up the Lenovo T420, so I nuked it. But I'll go back when v2 comes out. It really wants an SSD, BTW ;)
     
  16. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802
    no cause i like my traffic to be secure thats all , gotta fine tune some things thou in order to gain some more speed,most depending on what node connected too , thats if i knew where to start, lols

    i might as well open a new thread about how to disable network logging in windows , as ive mentioned it being a very important thing, since you wouldnt want plausible deniability broken only cause theres logs showing no connection even thou your isp has logs of your vpn connecting at a certain time , no need to raise unnecessary eye browse, thats why ill use as mirimir stated, a air vm in both decoy and hidden , without logging theres plausible deniability ,with , its abit more difficult if found out if you understand where im coming from


    btw im bout to retest the 4vm setup not sure what the advantage thou mirimir ,and ill just clone the vms setting up 1 group with 3 and one with 4 vm method and one group with just air vm

    ill generally be using the secure vpn>tor>vpn setup thou and im gona need a test from you mirimir on solving the autostart issue mentioned
     
    Last edited: Jan 31, 2013
  17. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,441
    How is it working for you, happyyarou666?

    I'm finally working on video tutorials. I have a first draft of one for installing pfSense (as a VBox VM) and configuring it for AirVPN. It's just under 15 minutes ;) That's real time, with no gaps. I could probably cut it to 10-12 minutes with practice :)

    I don't have any audio yet, but first I'd like to put it up somewhere for review and comment.

    Before I do that, I need to redact stuff like connection times, location reported by whatismyipaddress.com and whatever. It looks like the best approach is editing image sequences using Gimp and its animation package. Is there an easier way?
     
  18. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802
    sounds good and well currently i seem to be having some issues with it, it dont wanna work for some weird reason , but gimme some time here to do some troubleshooting, i was hoping to gettin that 4vm setup to work as well , and about

    cant help you on that one since im a total noob in that field myself , lols, good to see you doing some nice tut videos
     
    Last edited: Feb 23, 2013
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,441
    Just be methodical. Use a LiveCD VM to look at each router VM, and localize the fault.

    And by the way, I hear that ra put up a new version of his Tor gateway (not Incognito). But I haven't tested it yet. He's also been working on the Incognito workstation, I hear.

    OK, thanks. Anyone else?
     
  20. PaulyDefran

    PaulyDefran Registered Member

    Joined:
    Dec 1, 2011
    Posts:
    1,163
    Sorry brother, I don't do videos either :doubt:

    PD
     
  21. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
    After my post "VPN servers raiding/sniffing by LEA" https://www.wilderssecurity.com/showthread.php?t=341017, i decided to go for the method using 2 vpn's ( Mullvad and Airvpn) i have been reading trough many threads , but i find a lot off info goes over my head.
    2vpn's + tor +pfsense is just to complicated for me.
    Would some kind soul provide me or point me to a step by step guide of how to go about setting up a 2 vpn chain ,
    i gather a good method is:

    on the ( windows) host: 1 outer vpn: Airvpn ,romania server = (offshore rogue etc.) ( not anonymously paid ,because isp knows this vpn)

    on a virtualbox vm (win or linux) 1 inner vpn, Mullvad (anonymously paid) second vpn

    @ Mirimir,
    in the above mentioned thread i wrote "
    I i saw a walktrough by your hand about pfsense, in: Why Should I Use a VPN https://www.wilderssecurity.com/showthread.php?t=339051
    it looks fairly complicated , i'll have to do some reading.....

    This walktrough is too complicated for me, so this is why i have this request.
     
  22. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,441
    That's a good setup to start with. And it's not complicated to do.

    Installing AirVPN on a Windows host is easy. Just use their installer.

    Creating a VirtualBox VM is also easy. I'm sure that you can find many tutorials for that.

    I suggest using Xubuntu 12.04 for the VM. It's free, and so there's no money trail.

    For the inner VPN, I suggest starting with Private Internet Access. It's inexpensive, and they have simple instructions for setting up with Ubuntu-style Network Manager.

    The next step is setting up routing and firewall rules on both host and VM to prevent leaks. But that can wait while you're learning the basics.
     
  23. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41

    Yes, i'll start with this.

    No i am not using them ;i wouldn''t have a vpn based in the US.
    some exerpts from their privacy policy: "
    1. "CHOICE OF LAW
    This Agreement shall be governed by and construed in accordance with the laws of the State of Indiana",
    2. They are DMCA compliant: https://www.privateinternetaccess.com/pages/dmca-policy/

    3. they lie in their faq:
    "We are located in the US. Being in the US is optimal for VPN Privacy services since the US is one of the few countries that does not have a mandatory data retention policy."
    Ha ha:CIA, FBI, NSA, differents agencies for an unique intent…global monitoring

    also in the faq:
    " Countries in the EU are forced to log, even though some claim they do not."
    This is not true, and they know it.


    this is from Mullvad:"
    "Do you obey the EU Data Retention Directive?
    No, it does not apply to us; only to ISPs and phone operators."


    So i stay with Mullvad.but you say :
    Does this mean it will be complicated to setup the "network manager "with Mulvad ?

    ok i'll cross this bridge later:-*
     
  24. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,441
    Even to test your setup? ;)

    No, it won't be that much harder. You can still use the PIA instructions, adapting them as needed. You'll have ca.crt, client.crt and client.key (and maybe ta.key) to put in /etc/openvpn, instead of ca.crt only. And the server address and port number will be different. Just look at the OpenVPN config files from Mullvad, and see what values go in the various places in the Network Manager OpenVPN setup.
     
  25. qwax

    qwax Registered Member

    Joined:
    Feb 3, 2013
    Posts:
    41
    You mean install PIA just to get the network settings right and then use this as a base for Mullvad config? that should be no problem


    Sounds mightily complicated, but i'll dive into it.
    Thanks
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.