Vpn client... Topic is solved

Have some feedback, questions, suggestions, or just fancy a chat? Pop it in here.
Post Reply
Zico
Posts: 7
Joined: Fri Oct 02, 2020 6:17 am

Vpn client...

Post by Zico »

Hi!
So i have a Pi 4 incoming. I plan to use it as a vpn client gateway in my network, and use it for some devices going thru a vpn tunnel towards commercial providers. I am testing different vpn providers right now. My question is: I've downloaded client config files from these providers, but they look very different where one has a lot more settings. Does anyone know of this extra stuff is necessary? Provider 1 is config file for Debian(they didn't have raspberry config specifically), 2 is for raspberry pi. I assume number 1 have settings that i could specify in dietpi, but are they necessary? Is this maybe kill-switch functionality? This is obviously Wireguard protocol....
I also wonder if these configs would work with dietpi specifically?

Provider 1:

Code: Select all

[Interface]
PrivateKey = xxx
Address = xx.xx.xx.xx
DNS = xxx.xxx.xx.xx
PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT

[Peer]
PublicKey = 
AllowedIPs = 0.0.0.0/0,::0/0
Endpoint = xxx.xxx.xx.xxc:51820

Provider 2:

Code: Select all

[Interface]
PrivateKey = xxx
Address = xxx.xx.xxx.xxx
DNS = xx.xxx.xxx.xx, xxx.xx.xxx.xxx

[Peer]
PublicKey = 
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = xxxxx.xxxx.com:9945
User avatar
trendy
Posts: 133
Joined: Tue Feb 25, 2020 2:54 pm

Re: Vpn client...

Post by trendy »

You shouldn't be posting the keys here, especially the private ones. Make sure that you delete them and have them created again.
The firewall rule looks to me like a kill-switch.
User avatar
Joulinar
Posts: 2287
Joined: Sat Nov 16, 2019 12:49 am

Re: Vpn client...

Post by Joulinar »

Ok I updated the original post and removed all keys and addresses.

In general you should be able to use provider client files without issue
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
Zico
Posts: 7
Joined: Fri Oct 02, 2020 6:17 am

Re: Vpn client...

Post by Zico »

Ok. Yeah i think it might be a killswitch function with provider 1. If i remember correctly they had a checkbox for killswitch while provider 2 didn't....
I will simply try them out then. Let's see if the killswitch works, i think i read somewhere that some people had problems with that activated?

No worries about those keys and ip's, i put in some jibberish instead the real ones... ;)
Post Reply