What is the Slackware big picture to configure a VPN client without using NetworkManager (NM)? Use some custom rc.d scripts?

The primary system is a static desktop Ethernet connection. No wireless and thus I never used NM on the system. I see slackbuilds for nordvpn, protonvpn, etc. Would that approach suffice to avoid using NM?

I am new to using a VPN. Appreciated are Slackware compatible VPN provider suggestions. Free cost is a nice option while I learn.

Thanks.

I use openvpn to a VPS I run "out there". rc.openvpn to initialize it. I pay for the VPS anyway, the vpn is gravy. Openvpn clients for all my devices as well. The bonus is being able to get back into my home network without having to deal with stupid nat bullshit/port forwarding. Same thing can be done with wireguard.

Thanks. I don't think we are describing the same thing. I don't want to run a VPN server. I want to connect to an external VPN (Proton VPN, NordVPN, etc.) from my home office workstation. While running my own VPS sounds palatable, my short term goal is learning to use a VPN from home, hopefully with a free trial.

If it's just for learning, then a throwaway account with a provider is probably OK. If you are serious about the security a VPN provides, your better option is to pay for a VPN provider or roll your own with a VPS or dedicated server. A low-cost VPS is sufficient to run a VPN.

I rolled my own with OpenVPN on a NetBSD gateway at head office and OpenVPN clients on Windows PCs at the 12 or so branch offices. I believe it's still running like a champ ten years later.

When I get time I want to set up the fairly new IPsec VPN native to OpenBSD, connecting to it from a mix of iOS, Slackware, NetBSD and Windows clients. The reason : last time I looked OpenVPN delegated their iOS client to a third party. No thanks.

As usual Slackware s trouble-free with both alternatives : OpenVPN and IPsec. As both server and client. OpenVPN is much easier, however.

Depending on how you're going ahead with this you might want a site to site VPN, which consists of two gateways, with clients connecting to the gateways and not running any VPN software on the device itself, or site to road warrior, in which case one machine at a place accessible from the outside world acts as the VPN server, and client VPN software is configured on each device you want to connect to that server.

I understood what you asked, my suggestion was to use what you may already have, and the benefit of not using some commercial vpn that can monitor your activity regardless what they advertise. I understand that you don't want to run your own

#####################

My US$0.02, I wouldnt trust any of those commercial vpns. While they may provide some convenience as far as use/configuration, you have no way to know what they are doing with your traffic.

Ask yourself, what benefit am I expecting to gain from its use?

Hiding DNS queries? From whom?
Hiding web traffic? From whom?
Working around geoip location?

VPNs are not a panacea. They definitely are not a safety blanket stopping tracking.
For targeted purposes they can be useful.

Good luck with your research!

I agree with this. Unless it was a throwaway VPN just for learning, I would not use a third-party VPN provider. In any case, how much is someone going to learn when they have the server set up and guide you through the client setup in a few steps?

I have been using the Astrill VPN service for about a year. They provide a shell script that installs their software in /usr/local and also creates a menu entry in X. It provides tremendously enhanced download speed as well as the ability to overcome regionalisms and censorships. Censorship of certain geographical regions is an increasing problem. Astrill costs about $10/month. They have a VIP service that costs an additional $10/month but I have not tried it.

I had tried some other VPN's (note that I live in Beijing) including Lantern (popular among students), PandaPow, and ExpressVPN. The configuration of Network Manager, openconnect, openvpn, openswan, etc is not a simple matter at all, but I can say that I have done it and greatly prefer using the software from the VPN provider.

There are some notes on Slackware VPN setup scattered among the pages here:

http://www.remy.org.uk/tech.php

IKEv2 is newer than L2TP/IPSec.

StrongSWAN seems to be the favoured client and server software for this kind of VPN.

OpenVPN is a different kind of VPN - layer 3.

I think when you ask "What is the Slackware big picture to configure a VPN client without using NetworkManager?" you are really opening the discussion up to general observations and advice.

I am aware that using any commercial VPN service is mostly "moving the goal posts." I have a narrow specific use case for the VPN. For that need moving the goal posts is sufficient. I don't need fast speeds and have no need to watch videos through the VPN. Just simple text transfers and accessing specific (safe for work) web sites.

Nobody is answering the basic question -- how to connect Slackware to a VPN without NM?

If the VPN provider you're using supports OpenVPN, then that is easily added on Slackware as it has OpenVPN support already included. You just need to load the config file in /etc/openvpn/.

https://docs.slackware.com/howtos:ne...rvices:openvpn

If your provider requires something specific, it might be a lot more work to get it to work on Slackware.

Wireguard is another, supposedly better, alternative to OpenVPN, and it was merged into the kernel starting with 5.6 (prior to that, you needed to compile the kernel module separately). So with -current now having 5.10, -current should now support wireguard (however, I haven't looked into it at all and I don't know if it needs any companion apps within Slackware to use).

Nordvpn provides a series of tutorials on how to setup their service with Linux.
You can use it in conjunction with NetworkManager or you can do it entirely from the command line.
WireGuard is available.
https://nordvpn.com/

The software is available from SBo.
http://slackbuilds.org/repository/14...search=nordvpn

At least, pick a provider who does not required to install its client, but you can use standard client as openvpn.
And vpn does not offer anonymity.
2cts

I had browsed that article before posting. I see I missed this:

/usr/sbin/openvpn /etc/openvpn/client.conf

Seems then I can easily toggle the VPN client without NM.

I never wrote I was looking for that.