On April 1, 2021, we are moving all of our QuotaGuard Support Documentation to 


https://quotaguard.github.io/qg-docs/


 Please Update Your Support Bookmarks


 Documentation for this article will be maintained at 


https://quotaguard.github.io/qg-docs/quotaguard-vpn-tunneling


Please click on the above link to ensure you are reading 

the most recent and updated documentation.


Question: "How can I do VPN Tunneling using Quotaguard?"


AnswerWe have a wrapper program call QGSocksify that can route traffic destined for specific IP ranges through our proxies.  


We have a few customers use this to send ALL of their outbound traffic through the proxy.

Here are our instructions on how to accomplish this:

1. Download QGSocksify and unpack into your project:


curl https://quotaguard.s3.amazonaws.com/quotaguard-socksify-latest.tar.gz | tar xz

2. Change your startup code to use QG Socksify.  In Heroku this is done with the Procfile.  Prepend your existing application startup with bin/qgsocksify. 


  So if you have a Procfile that looks like this:


web: npm start
worker: rails worker go

Then change it to this:


web: bin/qgsocksify npm start
worker: bin/qgsocksify rails worker go

3. Set the environment variable QUOTAGUARDSTATIC_MASK to this:

0.0.0.0/5,8.0.0.0/7,11.0.0.0/8,12.0.0.0/6,16.0.0.0/4,32.0.0.0/3,64.0.0.0/3,96.0.0.0/4,112.0.0.0/5,120.0.0.0/6,124.0.0.0/7,126.0.0.0/8,128.0.0.0/3,160.0.0.0/5,168.0.0.0/6,172.0.0.0/12,172.32.0.0/11,172.64.0.0/10,172.128.0.0/9,173.0.0.0/8,174.0.0.0/7,176.0.0.0/4,192.0.0.0/9,192.128.0.0/11,192.160.0.0/13,192.169.0.0/16,192.170.0.0/15,192.172.0.0/14,192.176.0.0/12,192.192.0.0/10,193.0.0.0/8,194.0.0.0/7,196.0.0.0/6,200.0.0.0/5,208.0.0.0/4

This should NOT mask out:
* 10.0.0.0/8 - LAN private range
* 127.0.0.0/8 - Loopback range
* 172.16.0.0/12 - LAN private range
* 192.168.0.0/16 - LAN private range
* 224.0.0.0+ - multicast and reserved range

Everything else should go through the QGSocksify.

4. Commit and push your code.


Be sure to add all of the files from the first step.  You may have to force add the .so file with the following additional command:


git add -f vendor/dante/lib/libdsocks.so.0

We are required to say, this solution includes software developed by Inferno Nettverk A/S, Norway.

If you have questions, or if this solution doesn’t work or fit your use case, please reach out to us at Support so we can help figure it out with you.


Working with sensitive data, like HIPAA, Financial, or Personally Identifiable Information (PII)? 
Then you will want to check out our QuotaGuard Shield solution, it's the same as QuotaGuard Static, but with stronger end to end security for your requests. We can also help migrate current Static customers to Shield for free, just reach out to us at Support to request assistance.