Skip to content
Client configuration commands help
Got a problem with Viscosity or need help? Ask here!
Hello, I am new here. I just purchased Viscosity to use with my VPN provider (privateinternetaccess.com) and I want to create the most secure connection possible.
These are settings I wish to add to my script, I just don't know the syntax.
Data Encryption: AES-256-CBC
Data Authentication: SHA256
Handshake: RSA4096
DNS Leak Protection (if possible)
IPv6 Leak Protection (if possible)
My current configuration:
client
dev tun
proto udp
remote us-midwest.privateinternetaccess.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
tls-client
remote-cert-tls server
auth-user-pass
comp-lzo
verb 1
reneg-sec 0
crl-verify crl.pem
Also any other recommendations on increasing the security of the connection would be most helpful. Thanks so much!
These are settings I wish to add to my script, I just don't know the syntax.
Data Encryption: AES-256-CBC
Data Authentication: SHA256
Handshake: RSA4096
DNS Leak Protection (if possible)
IPv6 Leak Protection (if possible)
My current configuration:
client
dev tun
proto udp
remote us-midwest.privateinternetaccess.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
tls-client
remote-cert-tls server
auth-user-pass
comp-lzo
verb 1
reneg-sec 0
crl-verify crl.pem
Also any other recommendations on increasing the security of the connection would be most helpful. Thanks so much!
Hi antidosed,
I'm afraid it's not as simple as adding the commands to the configuration, these commands also need to be compatible with the server you are connecting to. We recommend contacting your VPN Provider (privateinternetaccess.com) with this request so they can recommend which server you should connect to, as well as providing you with a ready to go configuration that you can import into Viscosity.
In regards to the last two though, to mitigate DNS Leaks, please open Viscosity's Preferences, go to the Advanced tab, and untick "Apply DNS simultaneously".
To block IPv6 traffic, please try adding the following routes to your connection (Edit your connection, go to the Networking tab, press the +):
Destination: 2000::
Mask/Bits: 4
IP Version: IPv6
Gateway: Custom - ::1
And
Destination: 3000::
Mask/Bits: 4
IP Version: IPv6
Gateway: Custom - ::1
This should direct any IPv6 traffic destined for the Internet to nowhere instead.
Please see the following for more information - http://www.sparklabs.com/support/preven ... fic_leaks/
Regards,
Eric
I'm afraid it's not as simple as adding the commands to the configuration, these commands also need to be compatible with the server you are connecting to. We recommend contacting your VPN Provider (privateinternetaccess.com) with this request so they can recommend which server you should connect to, as well as providing you with a ready to go configuration that you can import into Viscosity.
In regards to the last two though, to mitigate DNS Leaks, please open Viscosity's Preferences, go to the Advanced tab, and untick "Apply DNS simultaneously".
To block IPv6 traffic, please try adding the following routes to your connection (Edit your connection, go to the Networking tab, press the +):
Destination: 2000::
Mask/Bits: 4
IP Version: IPv6
Gateway: Custom - ::1
And
Destination: 3000::
Mask/Bits: 4
IP Version: IPv6
Gateway: Custom - ::1
This should direct any IPv6 traffic destined for the Internet to nowhere instead.
Please see the following for more information - http://www.sparklabs.com/support/preven ... fic_leaks/
Regards,
Eric
Eric Thorpe
Viscosity Developer
Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs
Viscosity Developer
Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs
2 posts
Page 1 of 1