Officiel protonvpn version doesn't work with Qubes OS

User Support
2

You can use qubes-tunnel then download the ovpn configuration in the protonvpn.

Step in ProtonVPN

Get the ProtonVPN config files:

  • Download the desired configuration files
    • Log into your ProtonVPN dashboard at account.protonvpn.com/login
    • Select Downloads on in the left navigation bar
    • Find the OpenVPN configuration files section and chose
      • Platform: Linux
      • Protocol: UDP (recommended) / TCP if you experience slow VPN speeds (this utilizes port 443)
    • Click the download icons for the server you wish to download

If you selected “Download All configurations”, extract the zip file to your desired location

1880×894 52.5 KB

Find your OpenVPN credentials:

For increased security, ProtonVPN is set-up with two separate credentials to authenticate a connection.

Learn more about how two pairs of credentials increase the security of ProtonVPN.

Log in to the ProtonVPN dashboard and click on Account tab. Here you will see your two type of credentials.
The credentials ProtonVPN Login are used in our applications . OpenVPN / IKEv2 Username is used on manual connections . So please configure the OpenVPN credentials to your preference as you will need to use them to establish a Linux VPN connection. Note : to use our NetShield DNS filtering feature, append the suffix +f1 to your username to block malware, or +f2 to block malware, ads, and trackers (for example 123456789+f2).

Step in qubes-tunnel

Installation:

Install qubes-repo-contrib package using apt-get or dnf in template. Then, install qubes-tunnel in the same way.

Setup

  1. Create an AppVM, called for example sys-vpn , with the provides network option enabled using a template with the previously installed qubes-tunnel package. Make a choice for the NetVM setting, such as sys-firewall .
  2. In sys-vpn settings Services tab, add qubes-tunnel service.

Note: There is no need for adding network-manager service.

  1. As root or using sudo , in sys-vpn execute /usr/lib/qubes/qtunnel-setup --config :
root@sys-vpn:/home/user# /usr/lib/qubes/qtunnel-setup --config

Enter VPN/tunnel login credentials.
Leave blank if not required...

Username: OpenVPN / IKEv2 Username
Password: OpenVPN / IKEv2 Password

Login info saved to /rw/config/qtunnel/tunneluserpwd.txt

Done!
Next, copy or link your config file to /rw/config/qtunnel/qtunnel.conf
  1. Following what’s the last sentence said, still as root or using sudo , in sys-vpn copy the OpenVPN config file from your service provider, for example called user_config.ovpn to /rw/config/qtunnel/qtunnel.conf.conf :
root@sys-vpn:/home/user# cp user_config.ovpn /rw/config/qtunnel/qtunnel.conf

Restart sys-vpn . This will autostart the VPN client and you should see a popup notification ‘LINK IS UP’!

Regular usage is simple: Just use sys-vpn as NetVM for other VMs and start them!

Troubleshooting

If when you restart sys-vpn instead you receive continuous popup notifications stating ‘Ready to start link’, you may need to troubleshoot the connection. To troubleshoot the connection, you can monitor the systemd service that controls the vpn client with journalctl -u qubes-tunnel and view any errors that appear.

If you follow corretly, you should be able to connect.

3 Likes