Jump to: navigation, search

Template:VPN/Setup/install resolvconf

Update package lists.

sudo apt-get update

Install resolvconf. [1]

sudo apt-get install resolvconf
(If you do not wish to install resolvconf then please see footnotes. [2])
  1. /etc/openvpn/update-resolv-conf uses resolvconf. You will need to install resolvconf in order for the lines beginning with script-security, up, and down to function properly.
  2. In /etc/openvpn/openvpn.conf file change...
    script-security 2
    up "/etc/openvpn/update-resolv-conf script_type=up dev=tun0"
    down "/etc/openvpn/update-resolv-conf script_type=down dev=tun0"
    

    to this (i.e. remove or out comment the lines beginning with "up" and "down" and change the 2 to a 1)

    script-security 1
    

    Open /etc/resolv.conf in an editor with root rights.

    If you are using a graphical Whonix or Qubes-Whonix, run:

    kdesudo kwrite /etc/resolv.conf

    If you are using a terminal-only Whonix, run:

    sudo nano /etc/resolv.conf

    Comment out.

    #nameserver 10.152.152.10
    

    Add.

    ## Riseup.net OpenVPN DNS server
    nameserver 172.27.100.1
    

    If you are not using riseup, you need to replace 172.27.100.1 and enter the virtual LAN IP address of your VPN providers DNS server. You might be able to obtain it from your VPN provider. You can also try to infer it after successfully connecting to the VPN from running "sudo route". The first destination default gateway should function as DNS server also.

    Save.

    If you want to be sure, that /etc/resolv.conf does not get overwritten by other packages. (Such as DHCP or resolvconf.)

    sudo chattr +i /etc/resolv.conf

    If you ever want to remove it, use -i.

    Ignore /etc/resolv.conf instructions below.