setting up openvpn and airvpn for ubuntu debian

[rolph 1]

so I want to edit a forum post from another user.

This is the best tutorial to follow for ubuntu https://help.ubuntu.com/lts/serverguide/openvpn.html

This will also help ln -s /usr/lib/systemd/system/openvpn@.service /etc/systemd/system/multi-user.targets.wants/openvpn@server.service this creates a symlink.

in the openvpn conf file you want to change a few things. the biggest is if your using tor you want it on tcp proto and 1194 port

another thing is if you use proto tcp you might have to # out or change the config of  explicit-exit-notify 1 at the bottom of the config file. set dhcp route whatever. install ubuntu airvpn and

mono-complete. I think its a .deb file dpkg -i then the file name. if there is a problem apt install -f.

for me the file to run is in cd /usr/lib/AirVPN then run mono AirVPN.exe change the preferences under protocol to tcp

port 1194 openvpn default server or something like that. make sure to set up control port in torrc and enable cookies

AUTH. I use the default control port. disregard sonicvpn That was my other name and was a little excited when I wrote the

post openvpn and tor. as far as losing connection without air running for me i keep openvpn running and that solves the

issue but everybody has there on unique issues. also if you want install wireshark and xarp opensource software and block

icmp with iptables -A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable or it might be

iptables -A INPUT -j REJECT --reject-with icmp-proto-unreachable but i must warn you that one of these will sever your

network so you will have to do an iptables -F and iptables -t nat -F and restart or if your like me edit the rules.v6

file I believe the first one works. if you want to save them to load up after every reboot type

dpkg-reconfigure iptables-persistent if you have persistent install and hit yes to both. for ipv6 i disable the whole

thing because i don't need it with sysctl -w net.ipv6.conf.eth0.forwarding=0 for some ubuntu machines the interface

device reads enp1s0 and wlp2s0 for wifi so be careful sysctl -w net.ip.conf.all.forwarding=0 or edit the dhcpcd.conf i

believe where you enable ipv4 forwarding and put the same commands from the net on without sysctl -w for dns leaks

for me there was an addon to install down at the bottom of ipleak.com there will be an explanation

go to firefox settings and addons and search for the addon recommended and enable it in addons depending on what you

get. i have installed wireshark because i really want to see my packets i would recommend it.

try running it without iptables first and work up from there and port forwarding you want your gateway router ip for linksys if your using dhcp make sure to 

ifconfig to check the eth0 device ip its in apps and gaming and turn of undp i think it is if your using a modem i turn of wps for security any kali user would

know that trick. you want your airvpn dns server in ip tables not openvpn if you set them up. I have learned that after you install openvpn its easiest to download config files from client area and set up openvpn in client preferences under advanced and set the directory path of the ovpn server you want to use set protocol to tcp 1194 and make sure openvpn isn't running when you open the client. Also,becareful  because the ip of the server in the ovpn files are not always the same as the ip server in the client so change them according to the client .if you want to try an onion router and you have two computers

I recommend adafruit learning just google onionpi. the tutorial will work with anything debian. I also recommend tails if you do so and if you set it up right you won't need ip tables mine is working fine.the only ones you will need is the redirect iptables. the access point can be difficult to run through the tunnel sometimes which is what i'm working on need some tables chains for that I guess. I also have a site to a firewall with iptables. I have not tried them yet but I will keep you informed. I guess they are suppose to stop ddos attacks. Be back soon.