GW over local (host machine) proxy

badhitman · February 18, 2023, 12:35pm

Hi!
Tor does not work over a regular internet connection. Whonix doesn’t work, Tor browser doesn’t work. All Tor connections are blocked. Obfuscator and bridges don’t help.

I have remote Debian virtual machines. Using the PuTTY tunnel, I create a local proxy (127.0.0.1:1080), set it in the Tor browser and it works fine.

I want to teach the Whonix gateway to use the same proxy. Environment:

Host machine Win 10
Whonix virtualization VirtualBox

How to configure Whonix GW so that the gateway uses the machine’s local proxy host on port 1080?
thx

Patrick · February 18, 2023, 2:20pm

At time of writing, that is undocumented:

Partially documented but incomplete:

badhitman · February 18, 2023, 2:54pm

Thank you for your answer, but your answer raises new questions.

Why is this not documented? Is this not recommended? Bad practice? This is a concern…

Standard situation:

The government or corporate network is blocking Tor connections.
VPN is not reliable: at any moment the connection is terminated and the traffic starts to fly through an insecure connection.
There is a reliable / secure proxy in order to run Tor through it.

I always have some VPS/VDS (many do). Why not take advantage of this Whonix GW. It’s as easy as taking off your underpants before you go to the bathroom.

What do I understand wrong?

Thx again

badhitman · February 18, 2023, 4:00pm

When you first start Whonix GW, you are prompted to set up a proxy. I enter 127.0.0.1 there (I mean the host machine) and port 1080 (I did the same for the Tor browser). Connection does not occur.

Patrick · February 18, 2023, 5:09pm

Bug Reports, Software Development and Feature Requests chapter Community Feedback in Whonix wiki

No, I didn’t intent to imply this. Undocumented means only undocumented. No additional things are expressed.

Possibilities:

There’s no proxy listening on 127.0.0.1. This means on localhost on the Whonix-Gateway VM. Not the host operating system.
Not following instructions (if proxy software runs inside Whonix-Gateway it needs to run under Linux operating system user name tunnel.
Anon Connection Wizard - Whonix creates a faulty config file /usr/local/etc/torrc.d/40_tor_control_panel.conf. (Less likely.)
Something else.

badhitman · February 19, 2023, 6:04pm

thx again, but.

I suspect a mutual misunderstanding. It looks like you’re thinking of running a proxy inside Whonix GW, but I’m running a local proxy server inside a Win 10 host. I’ll formulate:

I have a Win 10 laptop.
in win 10 I run a proxy (PuTTY tunnel to SSH Debian)
in the same Win 10, I launch the Tor browser and other applications through a local proxy (127.0.0.1:1080) - this is convenient.
running VirtualBox with Whonix GW and want it to use a proxy host machine.

It looks like I didn’t formulate the problem correctly. I don’t need to configure VB to use a proxy. There is a suggestion to reconfigure the VirtualBox GW network interface, but I’m afraid to lose in terms of security. What do you say about this?

Patrick · February 20, 2023, 4:05pm

No, in this case, I doubt it.

No.

Understood. Proxy outside of VM, on the host. Proxy not inside the VM.

If done right, I don’t see any security issues. To judge if it’s done right, it needs to be documented, which it is not.