Client configuration commands help

Got a problem with Viscosity or need help? Ask here!

antidosed

Posts: 1
Joined: Sat Dec 27, 2014 7:51 pm

Post by antidosed » Sat Dec 27, 2014 8:11 pm
Hello, I am new here. I just purchased Viscosity to use with my VPN provider (privateinternetaccess.com) and I want to create the most secure connection possible.
These are settings I wish to add to my script, I just don't know the syntax.

Data Encryption: AES-256-CBC
Data Authentication: SHA256
Handshake: RSA4096
DNS Leak Protection (if possible)
IPv6 Leak Protection (if possible)

My current configuration:
client
dev tun
proto udp
remote us-midwest.privateinternetaccess.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
tls-client
remote-cert-tls server
auth-user-pass
comp-lzo
verb 1
reneg-sec 0
crl-verify crl.pem


Also any other recommendations on increasing the security of the connection would be most helpful. Thanks so much!

Eric

User avatar
Posts: 1146
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Mon Jan 05, 2015 11:27 am
Hi antidosed,

I'm afraid it's not as simple as adding the commands to the configuration, these commands also need to be compatible with the server you are connecting to. We recommend contacting your VPN Provider (privateinternetaccess.com) with this request so they can recommend which server you should connect to, as well as providing you with a ready to go configuration that you can import into Viscosity.

In regards to the last two though, to mitigate DNS Leaks, please open Viscosity's Preferences, go to the Advanced tab, and untick "Apply DNS simultaneously".

To block IPv6 traffic, please try adding the following routes to your connection (Edit your connection, go to the Networking tab, press the +):
Destination: 2000::
Mask/Bits: 4
IP Version: IPv6
Gateway: Custom - ::1

And

Destination: 3000::
Mask/Bits: 4
IP Version: IPv6
Gateway: Custom - ::1

This should direct any IPv6 traffic destined for the Internet to nowhere instead.
Please see the following for more information - http://www.sparklabs.com/support/preven ... fic_leaks/

Regards,
Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs
2 posts Page 1 of 1