[HOME] [DOWNLOAD] [DOCS] [NEWS] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

Freenet on Whonix 14 using VPN


#1

Hello.

I am currently running Freenet on Whonix 13. This requires me to use a VPN inside the Workstation. I always set this up by adding uwtwrapper_global=“0” to /etc/uwt.d/50_user.conf and TOR_TRANSPROXY=1 to /etc/environment (i.e. the first two steps on https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_VPN). I would then be able to connect to my VPN using the official client from the VPN provider (which has a specific option for connecting to the VPN over Tor) and Freenet would just work.
I can’t get the same to work on Whonix 14.
When trying to log in on the client on Whonix 14 with the same setting I use on Whonix 13 (Host: 127.0.0.1, Port: 9150, Tor Control Port: 9151) I get the error message "Cannot login. (curl: (7) Unable to receive initial SOCKS5 response. - with ‘tor’ (always) proxy and ‘none’ auth). I can log in on the client using no proxy setting, however this doesn’t work to establish a connection either and changing back to Tor proxy when logged in I get another error message very similar to the one above except that it says “Authorization failed” instead of “Cannot login”. It also says it’s “Unable to find IP address of Tor first node of an established circuit”.
I tried downloading config files for openvpn from the provider and using one with proxy ‘none’ and TCP I am actually able to connect to the VPN using openvpn from the command line. The VPN is also used on Tor Browser as evident by the “Something went wrong” message and websites reporting the VPN IP. A connection to Freenet is however never established.
The config file doesn’t modify /etc/resolv.conf, and installing package resolvconf and adding
script-security 2
up /etc/openvpn-update-resolv-conf
down /etc/openvpn/update-resolv-conf
to the config file causes the connection to still be established, but makes it impossible to connect to any websites anymore. Even ending the openvpn process doesn’t restore the ability to connect to websites, as it doesn’t restore /etc/resolv.conf to its original state, which instead ends up without any nameserver specified at all.
However, using the exact same config file (without the update-resolv-conf) on Whonix 13, I am able to use Freenet without problems, so I’m assuming Freenet doesn’t actually care what nameserver is used (maybe it doesn’t even use the nameserver).

I already saw (and read) this thread Whonix 14 and TorGuard VPN which seems to be about a similar issue, but I’m still lost.
I also followed the guide on https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_VPN to the end many times, but never had good results (I always ended up with a system that couldn’t connect to the internet at all).

Any help please?


#2

Hi Hello

You’re going to have to pic what to troubleshoot.

1. Freenet login troubles (VPN providers “official” client)

https://whonix.org/wiki/Freenet#Freenet_inside_the_Whonix-Workstation_-Freenet_over_Tor.28Preferred.29

2. Whonix wiki VPN instructions troubleshoot. Logs and steps to reproduce. See:

https://whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_VPN#How_to_Submit_a_Support_Request


#3

Please, for the love of all that is Holy, upgrade.

You need to disable Whonix firewall on the Workstation for OpenVPN to work on Whonix 14+

Actually we should make a note of that on the wiki but I don’t have the exct code snippet in front of me.


#4

#5

I would hope that disabling it entirely isn’t required. All that matters should be configurable. VPN instructions have chapters on firewall settings.


#6

Nice. I’ll try them and see what gives.


#7

Thank you very much for your help.
I applied the script from https://www.whonix.org/wiki/Dev/Firewall_Unload and can connect to Freenet now. However, trying to connect to the VPN using the graphical client still gives the same error message as before (Cannot login. (curl: (7) Unable to receive initial SOCKS5 response. - with ‘tor’ (always) proxy and ‘none’ auth) / Unable to find IP address of Tor first node of an established circuit.)
Any idea why that would be?
I guess it’s not the end of the world if I can’t get that to work though, it’s mainly useful to see the load on the different available servers and up / down speed, as I often have to try several servers before finding one that gives decent speeds. Maybe I’ll have to look for another application to monitor the speed.


#8

Ok, I got the graphical client to work now, I had to set it to proxy ‘none’ plus TCP instead of the proxy ‘Tor’ setting I used on Whonix 13.