How do I Setup QuotaGuard VPN Tunneling?
Table of contents
Question: “How can I do VPN Tunneling using Quotaguard?”
Answer: We have a wrapper program call QGSocksify that can route traffic destined for specific IP ranges through our proxies.
We have a few customers use this to send ALL of their outbound traffic through the proxy.
Here are our instructions on how to accomplish this:
1) Download QGSocksify and unpack into your project:
curl https://quotaguard.s3.amazonaws.com/quotaguard-socksify-latest.tar.gz | tar xz
2) Change your startup code to use QG Socksify. In Heroku this is done with the Procfile. Prepend your existing application startup with bin/qgsocksify
.
So if you have a Procfile that looks like this:
web: npm startworker: rails worker go
Then change it to this:
web: bin/qgsocksify npm startworker: bin/qgsocksify rails worker go
3) Set the environment variable QUOTAGUARDSTATIC_MASK to this:
0.0.0.0/5,8.0.0.0/7,11.0.0.0/8,12.0.0.0/6,16.0.0.0/4,32.0.0.0/3,64.0.0.0/3,96.0.0.0/4,112.0.0.0/5,120.0.0.0/6,124.0.0.0/7,126.0.0.0/8,128.0.0.0/3,160.0.0.0/5,168.0.0.0/6,172.0.0.0/12,172.32.0.0/11,172.64.0.0/10,172.128.0.0/9,173.0.0.0/8,174.0.0.0/7,176.0.0.0/4,192.0.0.0/9,192.128.0.0/11,192.160.0.0/13,192.169.0.0/16,192.170.0.0/15,192.172.0.0/14,192.176.0.0/12,192.192.0.0/10,193.0.0.0/8,194.0.0.0/7,196.0.0.0/6,200.0.0.0/5,208.0.0.0/4
This should NOT mask out:
- 10.0.0.0/8 - LAN private range
- 127.0.0.0/8 - Loopback range
- 172.16.0.0/12 - LAN private range
- 192.168.0.0/16 - LAN private range
- 224.0.0.0+ - multicast and reserved range
Everything else should go through the QGSocksify.
4) Commit and push your code.
Be sure to add all of the files from the first step. You may have to force add the .so file with the following additional command:
git add -f vendor/dante/lib/libdsocks.so.0
Do you want to send all your traffic through the VPN tunnel?
We are required to say, this solution includes software developed by Inferno Nettverk A/S, Norway.
We know this can be tricky to setup, so if you have questions, write us at Support.