[HOME] [DOWNLOAD] [DOCS] [BLOG] [SUPPORT] [TIPS] [ISSUES] [Priority Support]

How to setup openvpn? user->vpn->Tor->www


#1

i am very new with whonix and linux.
i am looking for a very simple guide how to setup openvpn in whonix for user->vpn->Tor->www
i have seen the vpn setup guide on the whonix website but it is to complicated for me.
Is there nothing with a gui? or a beginner tutorial?
Can i setup a vpn like this tutorial: https://torguard.net/knowledgebase.php?action=displayarticle&id=53

please, can help me anyone? thank you very much!


#2

WhoZero:

Is there nothing with a gui? or a beginner tutorial?

There is not unfortunately.


#3

please can anyone help me to setup a vpn in whonix for user->vpn->tor ?
Thank you.


#4

Hi @WhoZero

The instructions in this tutorial are for installing openVPN on the host operating system using Network Manager Plugin. To answer your question; you can use it the instruction but they are not whonix specific. However should familiarize yourself with:

https://whonix.org/wiki/Tunnels/Connecting_to_a_VPN_before_Tor#On_the_Host

https://whonix.org/wiki/Comparison_Of_Tor_with_CGI_Proxies,_Proxy_Chains,_and_VPN_Services

If you need any further assistance configuring a VPN on the host please try to take out the whonix part of your question as per:

https://whonix.org/wiki/Support#Free_Support_Principle


#5

Thank you for your answer.

one question for the definition of Host in the wiki link, did host mean my real host (Windows 7) or did host mean Whonix Workstation?

I have installed Virtualbox on my Win7 system. I want to use Whonix Gateway and Whonix Workstation in Virtualbox to be anonym in the web. user -> vpn -> tor -> www
I think this is right for me: VPN Installed on Whonix-Gateway ?? but if i use the tor browser on the Workstation, then it is user->tor->vpn->tor ??? i dont understand this. please help. thank you.

can anyone please make an example for mullvad vpn? this would help me much. :slight_smile:


#6

Hi @WhoZero

When someone refers to the host they are usually referring to the operating system installed on your computer. In your case it would mean Windows 7.

If you install VPN on your host:

User-> VPN-> Tor-> Internet

Installing VPN on host is not whonix specific. You should consult your operating system ( windows 7 ) documentation.

If you install VPN in whonix-gateway:

User-> VPN-> Tor-> Internet ( while using whonix-worksation )

https://whonix.org/wiki/Tunnels/Connecting_to_a_VPN_before_Tor#Inside_Whonix-Gateway


#7

Thank you again.

for my understanding:
i must do this inside my whonix workstation: https://www.whonix.org/wiki/Tunnels/Connecting_to_a_VPN_before_Tor#Inside_Whonix-Gateway
i must Install the Debian OpenVPN package
Setup a vpn
Modify Whonix User Firewall Settings
Reload Firewall

thats all? or must i do the sudoers configuration also?

why i can not use the networkmanager like this:
In the Network Connections box click “add”.
and Import a saved VPN Configuration
Modify Whonix User Firewall Settings
Reload Firewall
??


#8

Hi @WhoZero

No, look at the title: Connecting to a VPN before Tor Inside Whonix-Gateway

If you look these steps are under Preperation . Use these steps to learn how to set up OpenVPN on a debian stable VM . Meaning you use another virtual machine ( Not whonix ) to practice configuring a VPN.

Carefully read and follow the all the steps .


#9

ok, i think now i understand this.

All steps under “Preparation” i do in another debian vm to learn how to do this.
only learning.

for modifying whonix i must do all the steps after “Firewall Settings”

  1. Modify Whonix User Firewall Settings
  2. Reload Firewall
  3. sudoers configuration
  4. VPN Setup
  5. systemd setup
  6. Enable Tor
    ready

wow, this are many work :frowning:
my vpn provider has many server. to change the server is must change the ip in configuration every time?
why there is no more comfortable method for all this?

unsupported did not means not possible or not good? i can try this method…
but the secure way is to use the steps above?

many thanks for help!


#10

Hi @WhoZero

Yes, in order to change your vpn server you will have to change the ip address in the configuration file ( /etc/openvpn/openvpn.conf )

Its untested, undocumented and unsupported. It is possible but may require extensive development and testing before using. The anonymity/security risks are unknown.

Yes, follow the steps in the documentation.


#11

Thanks for help me.

My Host is my Windows 7 Computer. On this i have Virtualbox with the Whonix Gateway and Workstation installed.
On my Win7 host i dont want install VPN or anything else.

What can i do to use vpn->tor->www ?

Is it possible that i install Kali linux in Virtualbox and inside Kali install Virtualbox and inside this Whonix Gateway and workstation?? In this case Kali is my host and here is it simple to install a VPN. but that sounds very crazy :unamused:

Or there any other cases ??


#12

HI @WhoZero


#13

that’s all more and more complicatet :tired_face:

Is there no way to install a vpn in whonix to get a vpn->tor->www connection within Virtualbox?


#14

Hi @WhoZero

I don’t know of another way to actually install a VPN inside VBox with Whonix other than the way(s) already described.

If there is another way it is unsupported:


#15

thank you.


#16

I am surprised that a functioning GUI OPENVPN client isn’t integrated into whonix-gateway desktop. Many places don’t permit tor traffic. With the amount of work put into Whonix this would be a trivial addition that would add a lot of value.


#17

Hi whonixcanitbe

You can configure Whonix Gateway to connect to a vpn server before Tor. I really don’t think adding a Gui would add any value. Just increase attack surface.

https://whonix.org/wiki/Tunnels/Connecting_to_a_VPN_before_Tor#Inside_Whonix-Gateway

Related:

https://whonix.org/wiki/Using_Tunnels_with_Whonix


If you mean places that censor Tor traffic, the better option would be to use obfs4 bridges.

https://whonix.org/wiki/Bridges

I’m sure the Whonix team would be more than grateful if you wanted to volunteer your time into integrating this. If this is trivial like you said, it should take you no time at all.