Hi, after recent whonix-gateway update I can’t connect to any of my VPS. I’m trying to connect from WinXP (workstation) through Remote Desktop Connection and UltraVNC. Before update everything was working great, I had no problems with connection. Since the update (tor-geoip-something), I got this notice in whonix-gateway terminal:
“We tried for 15 seconds to connect to ‘[scrubbed]’ using exit $manyrandomnumbersandletters-nodename at IP.IP.IP.IP. Retrying on a new circuit.”
Beside that internet connection works fine on different applications in workstation, the only thing that doesnt work is UltraVNC and Remote Desktop Connection.
How can I fix this?
I have no idea what could cause this. I don’t see how this update would influence this.
Does it persist?
You sure it’s not the server which is offline? Tried any other servers?
UDP vs TCP?
Does it happen without that upgrade?
Maybe not that particular package cause this, I think there was at least two other packages upgraded during that update.
How can I check if it persists?
I’ve been using six different VPS from different providers, none of them work on any workstation right now. I’ve tried WinXP, Win7 also. I’ve downloaded newset whonix-gateway also, updated&upgraded, and it’s the same.
I’ve connected with no problem through VPN that have TOR connection available. So access from TOR it’s not an issue here.
How can I check that? UDP or TCP?
I don’t know, because I have no idea what packages I need to remove.
No idea.
I find it unlikely - not impossible - that any upgraded on the gateway caused this or that removal of any packages would help.
How can I check if it persists?
If you still have the issue now, then definition "problem does still exists" is fulfilled.
How can I check that? UDP or TCP?
That is specific to your application. Check your application settings/documentation for UDP vs TCP. Use TCP, because the Tor network does not support UDP. (Unless this hack... https://www.whonix.org/wiki/Tunnel_UDP_over_Tor)
My application is build-in Remote Desktop Connection on WinXP which is on default settings using TCP 3389 port, which couple days ago was working great. Other similar programs also can’t connect.
Not even one packet is going through on workstation side, in arm terminal I got new notice every 15 seconds:
“We tried for 15 seconds to connect to ‘[scrubbed]’ using exit $manyrandomnumbersandletters-nodename at IP.IP.IP.IP. Retrying on a new circuit.”
over and over and over…
It’s ridiculous, because I didn’t changed anything, beside doing that update, and now it seems completely dead.
It just could be a coincidence. Not the cause. Unlikely, but perhaps there is no more Tor exit, that allows/is capable to let you exit on that port? Can you try on another port?
For diagnosis, you could try to downgrade to earlier version and see if it works then. Unfortunately, downgrades don’t come without risk.
You need to somehow nail the cause of this. Perhaps getting Whonix out of the equation and reproduce so a bug could be reported against upstream. Otherwise it’s unlikely to get such super strange issues fixed.
I’ve tried on ports 5800 and 5900, don’t work. Even when I’m trying connect through putty on port 22, no reaction. What different ports I can try?
I’ve even installed Debian as a workstation, configured internal connection, and tried couple different RDP/VNC clients, none of them work, I’ve got the same notice in arm. So it’s not the Windows fault.
Can you connect right now to some VPS from your workstations?
"Perhaps getting Whonix out of the equation and reproduce so a bug could be reported against upstream"
How can I do that?
I've tried on ports 5800 and 5900, don't work. Even when I'm trying connect through putty on port 22, no reaction. What different ports I can try?
That's sufficient. Sure you also enabled a server listener on these ports?
Can you connect right now to some VPS from your workstations?
ssh works for me.
"Perhaps getting Whonix out of the equation and reproduce so a bug could be reported against upstream"
How can I do that?
Plain debian wheezy + system Tor from torproject's apt repository.
Sorry for late reply, I was offline for couple days. But this issue is the only thing that I can think about right now. I need to solve this.
On http://www.portcheckers.com I run some test, I’ve tested:
- whx-gateway+whx-workstation (only opened ports were 80 & 443)
- whx-gateway+winxp-workstation (22 & 80)
I’ve never checked which ports are opened, and which are blocked because everything was working great, till last week. So now I wonder, why on winxp-wrk I can’t access any of my VPS through SSH on port 22, which is clearly opened? Also why I can send emails even when all “email” ports are blocked? And how can I finally access my VPS through RDP on port 3389?
Port scan run in Whonix-Workstation - if you did that - scans the Tor exit, not your machine.
Port scan of remote servers through Tor is not simple and I won’t be helping with that [for reasons unrelated to you]. Using one VPN of yours to scan another VPS seems easier/better.
Why does e-mail work… That’s kinda networking basics. The easy answer is… For one, webmail doesn’t use the pop/imap/smtp port. Another thing… For reaching open listening/server ports on a remote machine the accessing machine doesn’t need any open incoming/server ports. Not in that sense. See also [random] source port vs destination port and this: