Page 1 of 1

VPN connection automatically???

PostPosted: Oct 13th, '20, 18:08
by majaoud
Hello everyone:

I want to turn on my machine and get connected to my VPN sharing internet with my phone, automatically.

I mean, without a display, or mouse or keyboard...

I have 2 different problems:

Problem1:
If I want to share connection with my phone, via USB, automatically. Is there anyway to configure this?

Problem2:
I need to get connected automatically to a VPN. Is there anyway to configure this?

Thanks everyone!

Re: VPN connection automatically???

PostPosted: Oct 13th, '20, 21:40
by doktor5000
Hi there, might help if you could add some details.

What sort of VPN do you use, is it something standard like an OpenVPN connection, or some proprietary VPN ? And how do you connect to it currently?

Re: VPN connection automatically???

PostPosted: Oct 13th, '20, 21:49
by majaoud
Sorry for the lack of information dok!
It is a regular OpenVPN.
Actually, I have no problem to get connection to this VPN.
Currently I'm doing it with a display, a keyboard and a mouse.
I go to the network center, right-click, openvpn, myvpn.

But this is not a solution for me.
What I need is to get those steps done in the startup, automatically.
Turn on the machine (no devices connected) and get connected to my VPN.

Is this possible?

Re: VPN connection automatically???

PostPosted: Oct 14th, '20, 20:14
by doktor5000
Can't really tell you how it would work with openvpn connections that are managed by net_applet (you could try to set them to automatically connect via the systray icon, though).
I'd switch to networkmanager (check viewtopic.php?f=25&t=5782) and change the VPN connection to connect automatically, the latter part can be done via nmcli or nmtui.

Afterwards you could run a nm-dispatcher script that start connection sharing, if you don't want to set that up again using networkmanager.
Have a look at e.g. https://wiki.archlinux.org/index.php/Ne ... r_examples or https://developer.gnome.org/NetworkMana ... nager.html

Re: VPN connection automatically???

PostPosted: Oct 18th, '20, 03:34
by jiml8
I am doing something substantially similar to what you want to do, though I put together a dedicated system (running on a raspberry Pi) to do it. My system, on startup, configures itself and starts the VPN all through systemd. It normally runs headless, though I usually have an SSH connection to it from my workstation.

All devices on my LAN that I want to go through the VPN will be given the raspberry pi's network address as the gateway to use and thus their traffic automatically goes to the VPN. If the VPN should go down, all internet connectivity for those devices is lost, therefore I don't have any inadvertant leaks to the internet.

My phone uses this system, accessing it via my in-house wifi hotspot. The raspberry pi has a built-in wifi, so it could be used for this purpose. I have the raspberry pi's wifi disabled because I am not using it.

Actually, I have 2 of these VPN gateways set up. One is on my LAN and the other is on my IOT VLAN. The one on the IOT VLAN exists primarily to prevent my smart TV from spying on me and, in conjunction with my local DNS server (running on another raspberry PI) I keep my TV from selling me out. That RPI also has a firewall configuration to block DNS over HTTPS connections, which are being used more and more to spy from IOT devices.

If you like, I can post the various scripts used to configure this here. The RPI devices are all running a variant of Debian, so the setup is not identical to what it would be on a mageia system. Also, there are several different scripts to make it all work, and many people would find the setup to be daunting.

It does, however, work quite well as an unattended appliance on my network. I use SSH to keep an eye on it just because, and to occasionally restart the VPN or point it at a different target. I am using a commercial VPN service, specifically ProtonVPN, so some of the setup is specific to that provider. That, however, is the minor portion of the setup; I could change providers without any particular trouble.

So, if you or anyone else wants to see the scripts, just say so and I'll go to the trouble to copy them over and explain them.