Error Doing User->VPN->Tor->VPN->TOR ExitNode

pradeep · January 8, 2015, 10:44pm

Hi there I was trying to set up a VPN on Whonix-Gateway(hide activity from ISP) and a VPN on Whonix-WorkStation to hide activity from Tor exit node.

I tried using the ‘RiseUp.net’ vpn, but was not able to get bitmask to work. Instead I tried to get this to work using a free VPN at (vpnbook.com)

I was able to get the VPN to work on my Host Machine (linux), but not on either of the Whonix VMs.

I’ve been several hours reading the whonix docs,youtube,stackoverflow, and this forum, but no success on getting VPN to work inside whonix.
While having the Firewall Settings and User Settings blank(since im using .ovpn file), the errors I get are the following:

Whonix-Gateway Error:
user@host:/mnt/shared/VPNBook-Euro2$ sudo openvpn vpnbook-euro2-tcp80.ovpn
Thu Jan 8 20:06:24 2015 OpenVPN 2.2.1 i486-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014
Enter Auth Username:vpnbook
Enter Auth Password:
Thu Jan 8 20:06:39 2015 WARNING: No server certificate verification method has been enabled. See How To Guide: Set Up & Configure OpenVPN Client/server VPN | OpenVPN for more info.
Thu Jan 8 20:06:39 2015 NOTE: OpenVPN 2.1 requires ‘–script-security 2’ or higher to call user-defined scripts or executables
Thu Jan 8 20:06:39 2015 NOTE: --fast-io is disabled since we are not using UDP
Thu Jan 8 20:06:39 2015 LZO compression initialized
Thu Jan 8 20:06:39 2015 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Jan 8 20:06:39 2015 Socket Buffers: R=[87380->131072] S=[16384->131072]
Thu Jan 8 20:06:39 2015 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Jan 8 20:06:39 2015 Local Options hash (VER=V4): ‘bc07730e’
Thu Jan 8 20:06:39 2015 Expected Remote Options hash (VER=V4): ‘b695cb4a’
Thu Jan 8 20:06:39 2015 Attempting to establish TCP connection with [AF_INET]176.126.237.214:80 [nonblock]
Thu Jan 8 20:06:40 2015 TCP: connect to [AF_INET]176.126.237.214:80 failed, will try again in 5 seconds: No route to host
Thu Jan 8 20:06:40 2015 SIGUSR1[soft,init_instance] received, process restarting
Thu Jan 8 20:06:40 2015 Restart pause, 5 second(s)

Whonix-Workstation Error:

Thu Jan 8 20:42:14 2015 WARNING: No server certificate verification method has been enabled. See How To Guide: Set Up & Configure OpenVPN Client/server VPN | OpenVPN for more info.
Thu Jan 8 20:42:14 2015 NOTE: OpenVPN 2.1 requires ‘–script-security 2’ or higher to call user-defined scripts or executables
Thu Jan 8 20:42:14 2015 NOTE: --fast-io is disabled since we are not using UDP
Thu Jan 8 20:42:14 2015 LZO compression initialized
Thu Jan 8 20:42:14 2015 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Jan 8 20:42:14 2015 Socket Buffers: R=[87380->131072] S=[16384->131072]
Thu Jan 8 20:42:14 2015 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Jan 8 20:42:14 2015 Local Options hash (VER=V4): ‘bc07730e’
Thu Jan 8 20:42:14 2015 Expected Remote Options hash (VER=V4): ‘b695cb4a’
Thu Jan 8 20:42:14 2015 Attempting to establish TCP connection with [AF_INET]176.126.237.214:80 [nonblock]
Thu Jan 8 20:42:24 2015 TCP: connect to [AF_INET]176.126.237.214:80 failed, will try again in 5 seconds: Connection timed out
Thu Jan 8 20:42:24 2015 SIGUSR1[soft,init_instance] received, process restarting
Thu Jan 8 20:42:24 2015 Restart pause, 5 second(s)
Thu Jan 8 20:42:29 2015 WARNING: No server certificate verification method has been enabled. See How To Guide: Set Up & Configure OpenVPN Client/server VPN | OpenVPN for more info.
Thu Jan 8 20:42:29 2015 NOTE: OpenVPN 2.1 requires ‘–script-security 2’ or higher to call user-defined scripts or executables
Thu Jan 8 20:42:29 2015 NOTE: --fast-io is disabled since we are not using UDP
Thu Jan 8 20:42:29 2015 Re-using SSL/TLS context
Thu Jan 8 20:42:29 2015 LZO compression initialized
Thu Jan 8 20:42:29 2015 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:0 ET:0 EL:0 ]
Thu Jan 8 20:42:29 2015 Socket Buffers: R=[87380->131072] S=[16384->131072]
Thu Jan 8 20:43:09 2015 RESOLVE: Cannot resolve host address: euro214.vpnbook.com: [TRY_AGAIN] A temporary error occurred on an authoritative name server.
Thu Jan 8 20:43:09 2015 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ]
Thu Jan 8 20:43:09 2015 Local Options hash (VER=V4): ‘bc07730e’
Thu Jan 8 20:43:09 2015 Expected Remote Options hash (VER=V4): ‘b695cb4a’
Thu Jan 8 20:43:49 2015 RESOLVE: Cannot resolve host address: euro214.vpnbook.com: [TRY_AGAIN] A temporary error occurred on an authoritative name server.
Thu Jan 8 20:43:49 2015 TCP/UDP: Closing socket
Thu Jan 8 20:43:49 2015 SIGUSR1[soft,init_instance] received, process restarting
Thu Jan 8 20:43:49 2015 Restart pause, 5 second(s)

I’m new to the community and I will gladly donate a video tutorial (of this issue) if someone shows me how to do this thanks.

Patrick · January 8, 2015, 11:10pm

Know this documentation already, I suppose?

In any case. Re-read. Because…

For user → VPN → Tor → destination part… See…

It will be easier (but also different) to install the VPN on the host.

If you still want to do it on Whonix-Gateway, firewall settings need to be chagned accorind to documentation:

There is also troubleshooting advice:

Please see also my signature about bug reports.

For the user → Tor → VPN → destination part…
Probably best to make a separate topic.

Patrick · February 6, 2017, 7:51pm

See:
https://forums.whonix.org/t/bitmask