After transitioning from version 4.1 to version 4.2 with documentation, which additional commands will i have to execute ?
Will the configured vpn-qube stop working on the new version and I have to configure it again?
i’m not an advanced user or can someone explain this step by step if i don’t change these ntfables then the internet won’t work, won’t it be safe?
will whonix 17 be ready to use and all you have to do is change the template and netqube in whonix 16 machines?
Yes you have. For wireguard you could use this tuto: Wireguard VPN setup
For openvpn, you can configure it with the network manager like in the official tutorial: tuto.
For a sys-dns with dnscrypt, you can usee this tuto and replace the iptables configuration with this one: [guide] how-to setup a sys-dns qube - #57 by DVM .
I use all this tutos and it’s fine for cryptdns, with ProtonVpn and riseupVpn…
Yes.
Thanks if I understand correctly these nft tables do not affect on correct work whonix gate only on vpn and clearnet ? So what’s the first step after the upgrade from these tutorial you mentioned i should do ? if i want to set up e.g. ivpn or proton vpn, then the first thing i do is all of them one by one,? or maybe for ivpn enough made like on this tutorial? IVPN App 4.2 setup guide
you understand correctly 
It depends on your own needs and what’s most important to you. Everyone has different needs!
Yes one by one.
I don’t use Ivpn, just Proton and riseup. One Vm for each vpn’s provider
1 Like
The guides are for using the App, this allow to easily switch the protocol/obfuscation/server. You must go through the guide for each different VPN you need to set up.
If you use a single VPN server (whatever the provider), the setup can be easier as you can just create an AppVM qube, load a downloaded config in the network manager and you are good to go.
2 Likes
sudo qubes-dist-upgrade --keep-running
i have a problem with this command entering two machines names after this command but at “shutdown of unnecessary VM” still show that want quit second vm like sys-firewall what’s wrong i do ? or maybe i should let off sys-firewall but i guess no
For sure you don’t.
i don’t understand why you want using this command??
Once you have create your sys-vpn, All you have to do is configure your appvm to use Sys-VPN as your Netvm. That’s it.
okay out of date, i know where the error was, you’re right and you helped me again thanks, i’ve already updated to version 4.2 and… everything works even old appvm vpn so i don’t understand if i still have to configure a new appvm with provide network option i understand that this is probably about some ip or dns leaks ? because everything works like on version 4.1
You have update to 4.2 BUT did you upgrade your template to 4.2. If you just restore your templates from 4.1, your templates are probably still running on r4.1 (that’s why everything work like old appvm).
I did the same error.
Check with cat /etc/yum.repo.d/qubes-r4.repo for fedora’s template and with cat/etc/apt/sources.list.d/qubes-r4.list for debian’s template to see if repositories have been updated to 4.2. If it is not the case, look at there: [guide] how-to setup a sys-dns qube - #68 by Tezeria and use the script that @DVM has linked. It’s very easy to use
where i should put these commands in the dom0 or in the terminal of a particular template? because "no such file or directory "
In your templates.
You download the script, you copy it in your templates, you make it executable with sudo chmod +x "*script* " .
Then you run it with sudo bash *script* (in the templates)
1 Like
I would still have a question, what if from a back up file on Qubes 4.2 I recreate machines that were from a 4.1 machine, what steps should be followed exactly to make everything safe ? it’s the same way like update manually or 4.2 clean installation have resolved some of these things.
If you only restore AppVMs from backup then you don’t need to do anything.
If you restore templates or standalones then try this:
1 Like
Why don’t they work imported from Qubes 4.1 on Qubes 4.2 appvm ?
but I should import also dom0 ?
looking at the options given to Qubes is in applications
there is a message: application missing in template
so it’s problems with template so just upload the pass script from 4.1 to 4.2 ?
Only there is a problem in the template missing even the terminal is just StartQubes so how do I do updates?
I didn’t import “default disp-vm” from previous Qubes is that a problem?will Qubes add to vm itself (for example, as is now default-dvm is fine ? ) I’m only asking because during the “restore” it showed me related messages in yellow
There are changes in Qubes OS 4.2 dom0 and qubes tools in templates that are not backward compatible with old templates.
You can restore dom0 without a problem, because it won’t change anything in your current dom0. When you restore dom0 it’ll just copy your old dom0 home directory in the new folder in your new dom0 home directory.
Open the qube Settings → Applications and press “Refresh applications” button. Maybe it’ll help.
You can start the qube and open terminal using Qubes Domains widget.
If you didn’t specify in Initial Configuration that it should create default-dvm qube then you need to create it manually.
Do you have new Qubes OS 4.2 templates? Or did you deselect them in Initial Configuration so you don’t have the new templates?
If you have new templates then use them to update your old templates.
Open the qube Settings → Applications and press “Refresh applications” button. Maybe it’ll help.
refresh failed error like : …“has no atribute to kernel path”
Do you have new Qubes OS 4.2 templates?
yes, I have already installed the new one fedora , so I will replace the one templates that doesn’t work with this one, but the problem remains only with the standalone like this
“You can start the qube and open terminal using Qubes Domains widget.”
are you talking about open console in qube ?
sh terminal requires login I don’t know what I should do
enter
You can update the standalone with the script that I linked before.
No, I’m talking about right mouse click on Qubes Domains widget in tray → qube name → Run Terminal
It should open the terminal window.
You can type login user and press enter.
1 Like
Thanks everything works fine now, there is only a problem with standalone but it’s not your fault, it’s just an upgrade from fedora version 38 to 40 and unfortunately now this error :
the following error occurred while attempting to run terminal Fedora40: cannot connect qrexec agent for 60 seconds, see /var/log/xen/console/guest-Fedora40.log for details
Did you check the log /var/log/xen/console/guest-Fedora40.log?
You can also increase the qrexec timeout like this in dom0 terminal:
qvm-prefs YourQubeName qrexec_timeout 3600
And then connect to the console of the qube using this command in dom0 terminal:
qvm-console-dispvm YourQubeName
Or you can connect to the console in the Qube Manager.
Then you can check what’s wrong in the console.
failed: efi.mount xenstored.service xenconsoled.service