This is how to create a VPN Kill Switch that will make 100% sure you ALWAYS pass traffic through the VPN. I go over a variety of usage after it is built and hardware recommendations.
Cheat Sheet: https://www.christitus.com/vpn-kill-switch/ .
►► Digital Downloads ➜ https://www.cttstore.com
►► Patreon ➜ https://www.patreon.com/christitustech
►► Twitch ➜ https://www.twitch.tv/christitustech
►► Website and Guides ➜ https://christitus.com
Using this just in case my raise gets denied. Thanks ðŸ‘ðŸ½
This is great up to the /etc/sysctl.conf file part, as it does not exist on my Manjaro desktop. It's not anywhere on the system. I'll assume that I have to create one.
i had to add a rule to allow port 53 through UFW as well to get my VPN connection to resolve through the firewall. Otherwise though this was an amazing guide for a linux novice like myself.
Awesome guide!
Thank you!
Thanks for the video, I've followed the steps, now my only problem is that the vpn address can't be resolve? Not sure what to do, by the mean time I've putted the ip address in the openvpn *.conf file and it's working. What would be the best solution for this? Thanks.
I added
net.ipv6.conf.eth0.disable_ipv6=1 to the sysctl.conf.
After hitting sudo sysctl -p, all values turned to 1.
However, every time i reboot my vm and recheck if all interfaces are still disabled, eth0 keeps returning to a value of 0. Anyone else have this issue?
I've created a little script, which makes it easier to switch between multiple openvpn config files.
That way I don't have to type the systemctl commands anymore.
I posted it on pastebin, so people can edit it for their own needs: https://pastebin.com/umYs6jTa
please can i une this vpn for creating multiple ebay acounts ??
U just got me convinced to sign up for expressVPN on your affiliate link, thanks for the tips! If I can make one more request.. could you explain how I can setup a home-lab that I can access from the public internet? Big ups to your content!
Thank you Chris for great videos as always! If I am using another VPN, like CyberGhost for instance, how can I made that start automatically once my Linux Mint is starting? Thank you in advance.
A little tip, sometimes you might need to open port 53 for the initial DNS request to the VPN server itself.
you can add it with the command "sudo ufw allow out 53" at least this was necessary on Arch.
Also, when using Arch the .secrets and express.conf (or whatever you name it) should placed in "/etc/openvpn/client/"
Can I do this on a Raspberry PI? Oops, you do say it can be done a Raspberry Pi at the end of the video. Thanks!
Years ago I was setting up a VPN server for a church but they also wanted to use it as their DHCP server. I sweated for hrs till I finally discovered the two are incompatible on the same system.
Now you have to setup a machine for remote vpn connections. Specially useful in environments where ISP has weird requirements to sync the line with the client and in most cases (at least where I live) you need his router which is garbage and apart from that refuses to work in bridge mode, leaving you helpless if you want to setup vpn with a router device. Pfsense is another way accomplishing that but you need a dedicated machine like the one you setup now.
Also in no guide I found someone referring to ways you can check the h/w requirements for 5 – 10 -50 clients connecting to that machine. What would you need in h/w specs?
Thank you, Chris! Awesome video and article, just what I needed ( I was in the middle of configuring OpenVPN for my new server)
I believe this can fail at resolving the remote VPN server unless have a DNS server elsewhere on your network.
I'm not sure if I did something wrong but this as written is not working for me.
I am still with PIA, I know I should look to move, will look at that soon. What I am finding is that after reboot I am getting no connection. I think the UFW firewall is blocking the openvpn connection from resolving the address of the PIA server.
I changed the address of the PIA server to the ip address in the openvpn conf file and the connection now seems to work.
It would be good to know if there is a better way using UFW rules.
I like the "Fly on the Wall" view.
So you are going to substitute your ISP, which is required by law and your government to keep your data safe, to a company that your government doesn't have any jurisdiction on?
That means that they can keep logs and then lie to you, forget about keeping your data safe. Fraud you say? How are you going to go after them? You have no jurisdiction.
According to them not even your government bothers chasing them for criminal cases, what are you going to do?
Isn't this a lot like wanting to have sex but being afraid your girlfriend is going to cheat on you and give you an STD, so you go ahead and bang a 10 dollar hooker instead?
Tell me how I'm wrong.
This channel could easily be mistaken for a, "Masterclass" ðŸ‘
Ehm, why disable IPv6?
hello chris ! could you explain why on vpn the speed is very slow and how to change that ? only possible with paying vpn??
why not just install a good vpn like internet access that has its own kill switch??