[bug][test] openvpn stuff with

asked 2017-02-08 19:51:33 +0200

cy8aer gravatar image

updated 2017-02-09 08:30:00 +0200

I tried openvpn with the mimikry. I have a more or less complicated configuration with v6

  • udp via tun
  • route-ipv6
  • tun-ipv6
  • tun-mtu
  • ca/key/cert
  • redirect gateway def1
  • route gateway
  • tls-auth
  • dhcp-option DNS
  • dhcp-option DOMAIN

first I tried to directly import .ovpn file -> crash of preferences. I tried to make variations of complicated options (no ipv6 and stuff) crash

Then I built up a new openvpn setup -> Advanced. I tried to setup the certificates via gui. when then setting the .ovpn file the tunnel can be build up. Deleting the certificate stuff in gui works too (cert confs via ovpn)

But no ipv6. I am not sure what happens with dns resolving (trying it from inside) so I need to make the test from a foreign network tomorow.

Works v4:

  • starting
  • routing

I once had an openvpn crash and in preferences active was still shown.

No ipv6 at all (options are not passed to the openvpn command). Actual I do not know

  • if resolving works with dns behind tunnel
  • default gateway works via redirect-gateway or via route option (redirect-gateway is needed for v6)

ipv6 should work especially when starting up the tunnel in a dual stack environment -> v6 bypasses then!

@coderus: Please find the VPN button for powermenu ;-) @jolla: Event screen options: Link to the VPN menu is ok, but a fast action to enable/disable the VPN would be fine

[Update] the whole dhcp-option stuff does not work: You cannot resolv your internal addresses from inside the tunnel.

Hm... from the point of an end user this is not usable - especially from the security point of view (v6 bypassing). I will open another thread with a tunnel wishlist...

edit retag flag offensive close delete



@jolla: please make a white or (better) blacklist for wlan ssids which should connect via vpn: If you are in your home network you do not need a tunnel. If you are "outside" you may want to switch vpn on. Maybe as an option in the WLAN settings of every network...

cy8aer ( 2017-02-08 19:58:46 +0200 )edit

and an option to enable vpn on unencrypted wifi in general please :)

till ( 2017-02-08 20:16:43 +0200 )edit