Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated: 1 00:00:00,750 --> 00:00:08,790 Previously we seen how easy it is to connect to a VPN server if the provider offers a VPN client. 2 00:00:08,820 --> 00:00:13,730 As I said earlier most VPN providers do not support Thales. 3 00:00:13,770 --> 00:00:20,220 Therefore if you want to connect to a VPN from Thales and your provider does not support Thales you'll 4 00:00:20,220 --> 00:00:27,540 have to manually modify the firewall settings installed the needed software and connect to the VPN server 5 00:00:27,540 --> 00:00:29,900 that you want to connect to. 6 00:00:29,910 --> 00:00:36,360 So in this lecture I'm going to show you how to do that so that you can connect to any VPN server from 7 00:00:36,360 --> 00:00:43,590 tells please keep in mind like I said earlier connecting to a VPN from Thales is optional. 8 00:00:43,590 --> 00:00:49,980 This is not a required step because as we know Thales automatically forces all traffic to go through 9 00:00:49,980 --> 00:00:51,070 the Tor network. 10 00:00:51,180 --> 00:00:57,450 Therefore by default it is more private and more anonymous than most operating systems. 11 00:00:57,450 --> 00:01:02,010 So the main thing that I'm actually going to be showing you in this lecture is how to configure Thales 12 00:01:02,490 --> 00:01:09,160 so that it redirects data to our VPN provider and then connect to this VPN provider. 13 00:01:09,270 --> 00:01:11,200 So let's go to Thales. 14 00:01:11,490 --> 00:01:14,070 As you can see here I haven't even logged in yet. 15 00:01:14,160 --> 00:01:17,790 Before doing that you need to add an admin account. 16 00:01:18,090 --> 00:01:19,930 So I showed you how to do that before. 17 00:01:20,020 --> 00:01:25,620 We're going to click on the plus and we're going to click on the administrator password and we're just 18 00:01:25,620 --> 00:01:32,130 going to set an admin password so that we can execute commands with Admin privileges. 19 00:01:32,250 --> 00:01:40,120 They're going to click on add two added and then we're gonna start tells Now once you're inside tells 20 00:01:40,380 --> 00:01:42,490 I'm going to go and start my terminal. 21 00:01:42,550 --> 00:01:46,480 So we're gonna go through applications and run the terminal from here. 22 00:01:47,980 --> 00:01:52,810 This is basically a program that allow us to execute commands on the system. 23 00:01:52,810 --> 00:01:57,520 I know it sounds a little bit scary but don't worry I'm gonna walk you through it and the first thing 24 00:01:57,550 --> 00:02:04,870 I want to do is change my privileges to admin privileges because I'm going to be modifying the system 25 00:02:04,870 --> 00:02:07,750 settings and I'm going to be installing additional software. 26 00:02:07,840 --> 00:02:13,200 Therefore I need to be admin for this so to change our permissions to admin. 27 00:02:13,220 --> 00:02:20,920 We're gonna do sudo as you it's going to ask you for the admin password so I'm gonna put the password 28 00:02:20,950 --> 00:02:24,950 that I just said at the start of the video. 29 00:02:25,020 --> 00:02:31,530 Now if you notice at the start I was saying amnesia which is the user that we were using at amnesia 30 00:02:31,990 --> 00:02:39,460 but now it's saying rude at amnesia meaning that we're gonna be executing commands as rude rude is the 31 00:02:39,490 --> 00:02:45,880 admin user account on the system so I'm going to clear the screen and the first command that I want 32 00:02:45,880 --> 00:02:54,130 to run is a command to install open VPN open VPN is a program that we're going to use in order to connect 33 00:02:54,280 --> 00:03:02,440 to our VPN server regardless of what VPN provider you're using whether you use a node or any other VPN 34 00:03:02,440 --> 00:03:03,130 provider. 35 00:03:03,160 --> 00:03:04,390 It doesn't really matter. 36 00:03:04,390 --> 00:03:07,310 You can use open VPN with all of them. 37 00:03:07,360 --> 00:03:12,610 So the first thing that we need to do is install this program on tells and to do that. 38 00:03:12,640 --> 00:03:15,800 All we have to do is do abd get. 39 00:03:15,970 --> 00:03:23,530 This is the program entails that we can use to install other programs and what we want to do is install 40 00:03:24,180 --> 00:03:33,020 and the program that we want to install is called Open VPN so apt get is a program that we use to install 41 00:03:33,080 --> 00:03:38,870 other programs install is what we want to do we want to install another program and the program that 42 00:03:38,870 --> 00:03:42,410 we want to install is called Open VPN. 43 00:03:42,410 --> 00:03:47,150 I'm going to hit enter and this is TELL ME DO I REALLY WANT TO DO THIS. 44 00:03:47,170 --> 00:03:53,630 I'm going to say yes so I'm going to type away from my keyboard and hit enter and perfect. 45 00:03:53,630 --> 00:03:57,200 Now open VPN is installed as you can see in here. 46 00:03:57,320 --> 00:04:04,100 Now you can see the notification that we have right now it's asking us if I want to install this program 47 00:04:04,140 --> 00:04:06,910 on the once or install every time. 48 00:04:07,190 --> 00:04:13,280 If you click on installed every time Thales will install this program every time you start tales because 49 00:04:13,340 --> 00:04:15,220 as we know it tells us amnesia. 50 00:04:15,230 --> 00:04:22,120 So if you pick install on the ones it'll only be installed for the session if you restart the computer. 51 00:04:22,140 --> 00:04:23,700 It will be removed. 52 00:04:23,810 --> 00:04:29,960 So I'm going to click on install every time and this way every time I'm a star tails it'll automatically 53 00:04:29,960 --> 00:04:35,810 install open VPN for me and I'll be able to use it without doing the app to get commands that we just 54 00:04:35,810 --> 00:04:37,280 did. 55 00:04:37,440 --> 00:04:44,860 So now that we have open VPN installed we're actually ready to go and connect to our VPN. 56 00:04:45,030 --> 00:04:52,300 But before doing that you need to go ahead and download the configuration files of your VPN. 57 00:04:52,320 --> 00:04:55,470 Now you need to get these from your VPN Provider. 58 00:04:55,470 --> 00:04:58,040 Most VPN providers will give you that. 59 00:04:58,170 --> 00:05:00,120 The process of doing that is different. 60 00:05:00,120 --> 00:05:02,220 You might even need to communicate with them. 61 00:05:03,060 --> 00:05:09,230 But right now I already have them downloaded in my Tor Browser persistent directory in here. 62 00:05:09,360 --> 00:05:17,040 These are the configuration files that I need for my VPN provider to connect use an open VPN. 63 00:05:17,040 --> 00:05:23,580 The main file which is the conflict file is the file with the dot o VPN extension. 64 00:05:23,580 --> 00:05:31,020 If I double click this file you'll see the open VPN configurations and all you need to do is basically 65 00:05:31,020 --> 00:05:32,330 run open VPN. 66 00:05:32,340 --> 00:05:38,850 The programs that we just installed and tell it to use the configuration in this config file. 67 00:05:38,970 --> 00:05:45,660 This will work on any system you can even do it from Windows or Linux but it won't work from Thales 68 00:05:45,840 --> 00:05:52,210 because like I said earlier Thales is configured to force all traffic through the Tor network. 69 00:05:52,290 --> 00:05:59,010 So before doing that before trying to connect to our VPN we need to modify the firewall settings so 70 00:05:59,010 --> 00:06:07,830 that all data is forced to go through the VPN first and then go to the TOR network so to do that. 71 00:06:07,950 --> 00:06:14,580 I'm going to open the configuration file for the firewall so I'm going to go back to my terminal and 72 00:06:14,640 --> 00:06:15,970 I'm going to do G. 73 00:06:16,050 --> 00:06:23,790 Edit the edit is a text editor so I'm basically saying I want to use a text editor to open a text file 74 00:06:24,180 --> 00:06:30,530 and the text file that I want to open is the text file that controls the firewall in tails. 75 00:06:30,930 --> 00:06:39,910 So the that text file is stored in ATC firm and the name of the text file is firm dot com. 76 00:06:41,470 --> 00:06:47,350 So we're doing G edits because that's the text editor that we want to use and we're telling it we want 77 00:06:47,350 --> 00:06:50,380 to edit the following file. 78 00:06:50,380 --> 00:06:52,770 If I had entered this will open the file for me. 79 00:06:52,780 --> 00:06:59,500 As you can see in here and what we want to do like I said we want to add an exception for the VPN server 80 00:06:59,680 --> 00:07:01,180 that we want to connect to. 81 00:07:01,780 --> 00:07:09,470 So I'm going to scroll down and I'm going to look for where it says whitelist access to local resources. 82 00:07:10,000 --> 00:07:16,390 And in here we're going to add the information of this server that we want to connect to. 83 00:07:16,390 --> 00:07:19,950 We can get this information from here from the conflict file. 84 00:07:19,990 --> 00:07:24,540 Like I said this is the file with the dot o VPN extension. 85 00:07:24,700 --> 00:07:34,390 So the first thing we're going to do is type D A D D R to specify the IP of the VPN server that we want 86 00:07:34,390 --> 00:07:38,130 to connect to and we can get that from the conflict file. 87 00:07:38,370 --> 00:07:40,270 It's after the remote in here. 88 00:07:40,330 --> 00:07:42,570 So we have it right here. 89 00:07:42,670 --> 00:07:50,120 I'm just going to copy this and paste it here then we're going to need to specify the protocol. 90 00:07:50,140 --> 00:07:54,260 So I'm going to type protocol followed by the protocol. 91 00:07:54,400 --> 00:07:59,410 Again looking at the conflict file we can see the protocol is UDP. 92 00:07:59,410 --> 00:08:05,080 So again we're just going to type UDP in here then we need to specify the port. 93 00:08:05,140 --> 00:08:11,170 So we're going to type deep port again we're going to get that from the conflict file from the remote 94 00:08:11,200 --> 00:08:16,620 entry so the remote contains the IP followed by the port so we can see the port here. 95 00:08:16,630 --> 00:08:19,090 It's 1 1 9 1. 96 00:08:19,090 --> 00:08:29,730 Again we go back here 1 1 9 1 and we're gonna save for this specific IP with this specific protocol 97 00:08:29,760 --> 00:08:31,230 with this port. 98 00:08:31,290 --> 00:08:36,870 I want you to allow the admin user the route user to do anything. 99 00:08:36,870 --> 00:08:46,720 So we're gonna open two curly brackets and we're gonna see mod owner the new I.D. of the owner is rude 100 00:08:46,740 --> 00:08:53,490 like I said root is the admin in Linux and we're gonna say we want to accept all connections that this 101 00:08:53,490 --> 00:09:03,270 user does to this specific IP with this specific protocol with this specific port the next thing that 102 00:09:03,270 --> 00:09:11,310 we need to do is redirect and force all traffic to go through this VPN server so that anything that 103 00:09:11,310 --> 00:09:17,940 the operating system does will have to flow this way and that way it is very difficult for other programs 104 00:09:17,940 --> 00:09:26,250 to access the Internet directly and therefore leak information about our real IP and real identity. 105 00:09:26,250 --> 00:09:34,400 So to do that we're going to scroll down to where it says Tor is allowed to do anything it wants to 106 00:09:34,400 --> 00:09:35,090 do. 107 00:09:35,150 --> 00:09:39,740 We're gonna say this can only be valid if the outer face. 108 00:09:39,770 --> 00:09:50,810 So the interface in which data flows through is t u and 0 now 2 and 0 is a virtual interface that doesn't 109 00:09:50,810 --> 00:09:52,050 exist right now. 110 00:09:52,130 --> 00:09:58,780 It will be created once we connect to the VPN server and what we're doing right now in here is force 111 00:09:58,780 --> 00:10:05,540 and all traffic to go through this interface that will be creating the encrypted tunnel between our 112 00:10:05,540 --> 00:10:10,430 computer and the VPN server so that's it. 113 00:10:10,430 --> 00:10:15,920 Right now first of all we added a rule to allow Thales to connect to the VPN server. 114 00:10:16,160 --> 00:10:23,000 And second we configured the firewall to force all traffic to go through the connection of this VPN 115 00:10:23,000 --> 00:10:23,510 server. 116 00:10:24,080 --> 00:10:24,700 So I'm gonna do. 117 00:10:24,700 --> 00:10:30,310 Control is to save this and we're gonna do control q to quit the file. 118 00:10:30,350 --> 00:10:37,820 We're also done with the config so I'm going to close it in here and I'm gonna clear my screen and right 119 00:10:37,850 --> 00:10:44,660 now we just have to do one more thing before connecting to the VPN server which is restarting our firewall 120 00:10:44,720 --> 00:10:47,260 for these changes to take effect. 121 00:10:47,450 --> 00:10:56,210 To do that we're going to do ATC in it the D firm which is the name of my firewall and we're going to 122 00:10:56,210 --> 00:10:59,330 say I want to restart this firewall. 123 00:10:59,330 --> 00:11:06,050 We're going to hit enter and if you fail at the stage it means that you miss configured one of the rules. 124 00:11:06,080 --> 00:11:11,990 So please just revise the video and make sure you set up the rules exactly like I did. 125 00:11:12,080 --> 00:11:15,930 As you can see I was able to restart it with no issues at all. 126 00:11:15,950 --> 00:11:24,200 Therefore right now I am ready to go ahead and connect to my VPN server now before doing that let me 127 00:11:24,200 --> 00:11:25,270 just show you right here. 128 00:11:25,280 --> 00:11:29,860 As you can see the configuration files are stored in my home. 129 00:11:29,900 --> 00:11:32,120 Persistent tor browser. 130 00:11:32,270 --> 00:11:38,660 So I need to navigate to this location before being able to use these files. 131 00:11:38,660 --> 00:11:45,740 So we're going to use the CDE command to change my current working directory to this directory. 132 00:11:45,860 --> 00:11:53,750 So we're going to do CDE followed by persistent and you can use the TARP to auto complete for example. 133 00:11:53,750 --> 00:12:00,410 I'm just gonna type T O R and press tab to auto complete tor browser. 134 00:12:00,410 --> 00:12:04,670 If I hit enter you'll see that I am inside the correct path right now. 135 00:12:04,670 --> 00:12:06,560 Same path as you see in here. 136 00:12:07,220 --> 00:12:13,130 Therefore right now I can go ahead and use this file to connect to my VPN server. 137 00:12:13,820 --> 00:12:19,110 So we're going to use the program open VPN that we installed at the start of the video. 138 00:12:19,280 --> 00:12:27,080 So we're gonna do open VPN dash dash config to specify the config file and again as you can see in my 139 00:12:27,080 --> 00:12:31,680 case the conflict file right here is called config dot or VPN. 140 00:12:31,880 --> 00:12:37,490 In your case it might be called something else but the config file is always the file that ends with 141 00:12:37,490 --> 00:12:38,880 DOT or VPN. 142 00:12:39,530 --> 00:12:44,220 So I'm gonna type config that or VPN and before I had entered. 143 00:12:44,240 --> 00:12:47,720 Just gonna go over the command or use an open VPN. 144 00:12:47,720 --> 00:12:51,780 This is the program that will allow us to connect to our VPN server. 145 00:12:51,860 --> 00:12:57,560 We're doing dash dash contact to specify the config file and my config file is called config. 146 00:12:57,560 --> 00:13:00,930 That old VPN I'm going to hit enter. 147 00:13:01,760 --> 00:13:05,220 And as you can see it's going to ask me for the password. 148 00:13:05,240 --> 00:13:11,390 This is your password to connect to your VPN server not the password of the system. 149 00:13:11,390 --> 00:13:15,820 So I'm going to input mine right now here and there. 150 00:13:16,110 --> 00:13:16,810 And perfect. 151 00:13:17,240 --> 00:13:23,340 If you see initialization sequence completed this means that the connection has been established. 152 00:13:23,450 --> 00:13:32,320 Now you will also notice that the Onion icon in here will have an X as if you're not connected to anything. 153 00:13:32,390 --> 00:13:33,700 Don't worry about this. 154 00:13:33,770 --> 00:13:39,010 You're seeing that because right now the traffic is forced to go through the VPN server. 155 00:13:39,020 --> 00:13:45,080 Like I said and that's why the system thinks that it's not connected but it is actually connected to 156 00:13:45,080 --> 00:13:48,320 the VPN server to confirm this. 157 00:13:48,320 --> 00:13:51,260 I'm gonna go and run my tor browser. 158 00:13:53,120 --> 00:14:00,190 And I'm just gonna go to check the Tor Project dot org and perfect as you can see it's still announced 159 00:14:00,250 --> 00:14:04,550 that my browser right now is configured to use data or browser. 160 00:14:05,270 --> 00:14:11,840 So right now what's happening is we're connecting to the VPN first and then our traffic is routed to 161 00:14:11,840 --> 00:14:17,750 the TOR network and then like I said we can bounce through three nodes and then go to the Internet or 162 00:14:17,750 --> 00:14:22,240 stay within the Tor network and access on hidden services. 163 00:14:22,420 --> 00:14:28,240 Now just to make sure that this is the way our computer is set up and it can't access the terror network 164 00:14:28,240 --> 00:14:30,430 directly or the Internet directly. 165 00:14:30,520 --> 00:14:35,350 What I'm going to do in here I'm just going to go back to my terminal window and I'm going to press 166 00:14:35,350 --> 00:14:43,210 control and see to quit the running program right here and now if I go back to my Tor Browser and refresh 167 00:14:43,210 --> 00:14:49,720 the page you will see that I do not have connection and that is perfect because while I just did right 168 00:14:49,720 --> 00:14:56,180 now I disconnected from the VPN server and because I did that I can't access anything. 169 00:14:56,620 --> 00:14:58,350 And this is exactly what we want. 170 00:14:58,350 --> 00:15:06,580 We want our computer to be configured in a way that it forces all traffic through the VPN server if 171 00:15:06,580 --> 00:15:12,130 you want to go back to the previous configuration where traffic is forced through the Tor network directly. 172 00:15:12,580 --> 00:15:15,030 All you have to do is simply restart tails. 173 00:15:15,070 --> 00:15:16,550 Tails is amnesiac. 174 00:15:16,600 --> 00:15:23,080 All of these configurations will disappear and you will be connected to the TOR network directly. 175 00:15:23,080 --> 00:15:30,520 As usual now this could be a feature and can be something annoying if you always want to connect to 176 00:15:30,520 --> 00:15:36,880 a VPN because every time you restart tails you will have to do this you will have to do all of the steps 177 00:15:36,880 --> 00:15:43,240 that I showed you previously in order to connect your VPN provider because your settings will be reset 178 00:15:43,270 --> 00:15:44,620 every time you restart. 19881