[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [DONATE]

Chaining Whonix-Gateway behind Whonix-Gateway?

In https://phabricator.whonix.org/T386#6195 @HulaHoop wrote:

Running Whonix Gateway behind another Whonix Gateway doesn't work for some reason. Any suggestions?

Besides the obligatory warning for other readers:
https://www.whonix.org/wiki/DoNot#Prevent_Tor_over_Tor_scenarios.

In usual setups, Whonix-Gateway receives it’s IP for its external network interface eth0 using DHCP from the virtualizer.

In a chaining Whonix-Gateway behind Whonix-Gateway setup, the inner chain Whonix-Gateway cannot obtain an IP from the outer Whonix-Gateway using DHCP, but because Whonix-Gateway does not run a DHCP server [discussed elsewhere -> https://phabricator.whonix.org/T239]. Therefore you can try to give inner Whonix-Gateway’s external network interface eth0 a static IP. Setting the outer Whonix-Gateway as its gateway.

I havent tested this for a long time.

In a chaining Whonix-Gateway behind Whonix-Gateway setup, the inner chain Whonix-Gateway cannot obtain an IP from the outer Whonix-Gateway using DHCP, but because Whonix-Gateway does not run a DHCP server

That’s ok. We should never introduce DHCP servers/clients on gateway facing the untrusted internal network for security reasons.

I tried manually editing /etc/network/interfaces on GW but I probably put the wrong settings.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Investors] [Priority Support] [Professional Support]