/tech/ - Technology★

Why aren't you just configuring your VPN at a router level anon?

Also I use Openconnect for my vpn. Very easy to set up.

>>996753

>Why aren't you just configuring your VPN at a router level anon?

Well I just got it recently. Thought Network Manager's in-built options will do the trick. Guess not. For me, this is as big as fucking heartbleed or efail, so why isn't it plastered all over the 'net?

is wpa-succlicant any better?

>>996750 (OP)

>>996756

I just started using a vpn and this happens to me all the fucking time.

>>996756

>>996804

If you want to be sure, then use a separate router machine with OpenBSD or NetBSD, with pf rules that deny all traffic except to/from the vpn.

Any old machine that can run one of those OS will work fine. Just make sure it has two ethernet ports and you connect yourself directly to it and don't use any wifi shit. In fact remove the wifi card from your computer, and/or unplug the antenna if it's a laptop, and remove all wireless drivers (delete the files on disk too). You want to be sure all your traffic is only routed through that one firewall box.

>>996753

Maybe he wants to do online banking, connect to accounts with his personal info, or use google maps. No point using a VPN if you're just going to tell them who you are. :^)

>>996833

you can do the same thing with a workstation + gateway VM

network manager has always been a piece of shit

>using VPN instead of Tor

>not having firewall that will block all non-VPN and non-Tor connections

all VPNs are FBI honeypots, they sell data for government for profits. VPN only exist to earn shekels on goys, they don't care about them

>>996849

>Maybe he wants to do online banking, connect to accounts with his personal info, or use google maps.

So what? He can use VPN or Tor with those. or vpn->tor or vpn->proxy

>No point using a VPN if you're just going to tell them who you are. :^)

wrong. if you use vpn or tor with your real accounts, you are hiding your location and true IP address.

the problem with VPN is that you have single IP for everything, so if you logged to bank then to clearnet CP site you are doomed. that's why Tor is superior and destroys VPN. Tor uses separate IP for every website and service that you use

buy it now for promotional 0$ price: https://torproject.org

Your VPN service more than likely has a guide on how to do split tunneling to ensure your browser only functions when you are connected to the VPN through socks5. If you want a system wide VPN then you should have redundancies in place already with your firewall. If all it takes for your IP to be exposed to the internet is your VPN client crashing or not functioning for any reason then you're an idiot for relying on that.

>>996750 (OP)

If you only want to have VPN internet traffic, just set that you don't have a default route.

That way if you're not using the VPN you'll get a no route error.

>>996857

It's not as safe as OpenBSD on a dedicated box that's physically the only route to the Internet.

Lennart Poettering here, not a bug, will not fix. please learn how to use a computer. Closed.

>use laptop with vpn

>IP changes every time lid closes

>cant post without getting called a (((1))) and done shill every fucking time

>>997090

>using nu-/pol/

Hello cuckchan

>>997098

Hello reddit

>>997101

Are you implying that there is even the slightest of difference between cuckchan and reddit?

>>996877

>So what? He can use VPN or Tor with those

You are absolutely correct. You can use VPNs to check the local weather forecast while simultaneously ceasing to be anonymous. Hence the reason I said, No point using a VPN if you're just going to tell them who you are.

>>997111

>No point using a VPN if you're just going to tell them who you are

As long as you haven't allowed yourself to be profiled by doing retarded shit like having cookies on every website doing things that identify you during a single browsing session does not completely negate the benefit of VPN's over the long run. To imply otherwise is just dogmatic autism that has no representation within the reality of only anonymity.

>>997113

You should always keep personal browsing and anonymous browsing separate. It's just common sense, friend.

>>997115

Of course. But the notion that there is no reason to use a VPN for regular browsing is a bit ridiculous. I use VPN's and isolate their purpose within virtual machines. One is for shit-posting, one is for work and general computing, another one is for degeneracy.

>>997116

Do you trust the system admins on the other end of that VPN 100%? I sure don't. I'm not even 100% sure that they don't keep logs.

>An ounce of prevention is worth a pound of cure

>>997119

Once again you're being very dogmatic. VPN's, TOR, none of it is supposed to be a bullet proof system and none of it is advertised as one. It's like putting a sign in your lawn to show people you have a state of the art alarm system installed. If someone is dedicated enough and for whatever reason REALLY wants to rob your house in particular you're fucked either way. But more likely than not it will be a good enough deterrent and have burglars picking another house instead. There is no harm in using VPN, it can only serve to make you more anonymous at face value which is all 99.99% of people will ever need. And that's not even mentioning the fact that they are essentially mandatory if you're doing anything over wifi.

>>996753

>trusting a router

>ever

For some reason Network Manager always loses connectivity when my PC goes to hibernate and it can't be recovered unless I reboot the PC.

Wicd doesn't do that. Even if the connectivity is lost, shutting down the WiFi and then turning it on using Wicd's menu is enough to recover it.

Wicd is just a collection of Python scripts and uses less than 10 MB of storage. Network Manager requires a bunch of packages and it's frail as fuck.

Someone at GNOME is doing a terrible job.

>>997121

Why do you trust a VPN who claims to support your privacy but not your ISP who (probably) doesn't make a claim to support privacy? Is the difference in trust because you pay money to a company who claims to support your privacy while your ISP is silent on the issue of privacy?

>>996750 (OP)

>What is QTDDTOT?

this is why you create a profile for your firewall to only connect through the VPN and switch to that profile once your connection is established.

So if the VPN drops out you have no Internet, and can isolate any programs before switching off the VPN firewall profile to connect again.

>>997211

I'm not sure if this will work for you, but you can do nmcli conn down "literal wired/wireless connection name" then nmcli conn up "literal wired/wireless connection name" and that will restart the device for network manager. You can find the name of the connection either through nmcli conn show or in /etc/sysconfig/network-scripts/ with a file name along the lines of ifcfg-<connection name>. That directory is unique to Fedora though and a different directory is used for every other operating system that uses Network Manager.

>>996750 (OP)

>use private internet access

>install their client

>connect and close lid

>open lid

>automatically reconnects

Stop using a shit VPN client retard. Why would you rely on just network manager for this?

>>998006

>53 out on wlan

DNS leaks.

iptables -I FORWARD -i *your in-interface* -o *your out-interface* -j DROP ????

How is this issue fixed for a wintard? Is setting a proxy to disable browser connection unless VPN is active, and only allowing browser through firewall good enough or do I need more?

windows clients usually come with a built-in kill switch, if it doesn't..

>>998790

The Mullvad client is bloated Electron trash.

>>996750 (OP)

Learn how to build your own router, build a proper VPN concentrator, and stop fucking around with layer 7 bullshit meme apps. You can build a router on an old laptop or desktop PC with this: www.pfsense.org

>>997213

>why add layers if one layer might not be good?

You know nothing about security

semi related but how do I just make it so I'm automatically connected to wifi with my laptop

and whenever I want to connect to a new/another wifi I just add/change it using a cli interface

why

>>998828

>>997213

For the record, you are replying to a different anon.

>>998327

Hmm. You're right; and since I'm connecting directly to the VPN without resolving shit, I don't need this and deleted the rule. It still works fine.

>>998828

>You know nothing about security

You know nothing about security

>>996750 (OP)

>This shit will put someone in trouble one day.

it already has fren, it already has

>>998006

hello d0mhc

I know nothing about security