i am followed this instructions: Connecting to a VPN before Tor
The vpn is in the gateway. i can connect in the workstation also.
But how to test the route user->vpn->tor ?
i have tried to get the vpn ip from the chapter Leak Tests. but there are only ip s displayed but no ip from my vpn.
Nov 21 20:53:32 host ovpn-openvpn[13260]: /usr/bin/ip_unpriv route add 0.0.0.0/1 via 10.211.1.102
Nov 21 20:53:32 host sudo[13277]: tunnel : TTY=unknown ; PWD=/etc/openvpn ; USER=root ; COMMAND=/bin/ip route add 0.0.0.0/1 via 10.211.1.102
Nov 21 20:53:32 host sudo[13277]: pam_unix(sudo:session): session opened for user root by (uid=0)
Nov 21 20:53:32 host sudo[13277]: pam_unix(sudo:session): session closed for user root
Nov 21 20:53:32 host ovpn-openvpn[13260]: /usr/bin/ip_unpriv route add 128.0.0.0/1 via 10.211.1.102
Nov 21 20:53:32 host sudo[13279]: tunnel : TTY=unknown ; PWD=/etc/openvpn ; USER=root ; COMMAND=/bin/ip route add 128.0.0.0/1 via 10.211.1.102
Nov 21 20:53:32 host sudo[13279]: pam_unix(sudo:session): session opened for user root by (uid=0)
Nov 21 20:53:32 host sudo[13279]: pam_unix(sudo:session): session closed for user root
Nov 21 20:53:32 host ovpn-openvpn[13260]: UID set to tunnel
Nov 21 20:53:32 host ovpn-openvpn[13260]: Initialization Sequence Completed
lines 17-27/27 (END)
my whonix runs in a virtual box.
is there any way to check that the route is user->vpn-> tor ?
Thank you for your answer. Here is the output of sudo route in the gateway:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.211.1.106 128.0.0.0 UG 0 0 0 tun0
default 10.0.2.2 0.0.0.0 UG 0 0 0 eth0
10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.152.128.0 0.0.0.0 255.255.192.0 U 0 0 0 eth1
10.211.1.106 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
128.0.0.0 10.211.1.106 128.0.0.0 UG 0 0 0 tun0
i can’t see the ip from the vpn.
Here is the output when i check openvpn status with: sudo systemctl status openvpn@openvpn
sudo[972]: tunnel : TTY=unknown ; PWD=/etc/openvpn ; USER=root ; COMMAND=/bin/ip route add 218.50.250.210/32 via 10.0.2.2
Nov 22 24:42:28 host sudo[972]: pam_unix(sudo:session): session opened for user root by (uid=0)
Nov 22 24:42:28 host ovpn-openvpn[905]: /usr/bin/ip_unpriv route add 0.0.0.0/1 via 10.211.1.106
Nov 22 24:42:28 host sudo[974]: tunnel : TTY=unknown ; PWD=/etc/openvpn ; USER=root ; COMMAND=/bin/ip route add 0.0.0.0/1 via 10.211.1.106
Nov 22 24:42:28 host sudo[974]: pam_unix(sudo:session): session opened for user root by (uid=0)
Nov 22 24:42:28 host ovpn-openvpn[905]: /usr/bin/ip_unpriv route add 128.0.0.0/1 via 10.211.1.106
Nov 22 24:42:28 host sudo[976]: tunnel : TTY=unknown ; PWD=/etc/openvpn ; USER=root ; COMMAND=/bin/ip route add 128.0.0.0/1 via 10.211.1.106
Nov 22 24:42:28 host sudo[976]: pam_unix(sudo:session): session opened for user root by (uid=0)
Nov 22 24:42:28 host ovpn-openvpn[905]: UID set to tunnel
Nov 22 24:42:28 host ovpn-openvpn[905]: Initialization Sequence Completed
This is the ip from my vpn: 218.50.250.210 i see this is in the first line. But what means /32 ? Is this correct configured?
When I ran sudo route the VPN IP was listed. This command run in Whonix-Gateway will only show the interfaces and route to the VPN server. It wouldn’t show your Tor traffic.
Yes. The output shows the VPN connected.YOu should be good if you followed the instructions as written and both VPN and Tor connect.
After VPN and Tor connects you can shutdown your VPN to see if the Tor connection also drops. You should loose Tor connection if its tunneled through the tun0 (VPN) interface.
In Whonix-Gateway konsole, start the ARM Tor controller.
arm
In Whonix-Gateway konsole, stop the openvpn service.
When i stop the VPN in the Gateway. In arm all the same before. but no more bars are shown. And if i try to go to a website in the Workstation, it does not work.
ARM in the Gateway shows this:
12:22:04 [NOTICE] Tor has not observed any network activity for the past 76 seconds. Disabling circuit build timeout recording.
12:22:04 [NOTICE] We tried for 15 seconds to connect to '[scrubbed]' using exit $C593AA33365DAD3C9E111F15C9B9D8C7EF964999~ori at 80.200.200.100. Retrying on a new circuit.
12:22:04 [ARM_NOTICE] Unable to prepopulate bandwidth information (insufficient uptime)
Do i restart the VPN and Tor, all works fine in the Workstation.
in the Gateway: sudo route shows now the VPN at the end with eth0:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.211.1.34 128.0.0.0 UG 0 0 0 tun0
default 10.0.2.2 0.0.0.0 UG 0 0 0 eth0
10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.152.128.0 0.0.0.0 255.255.192.0 U 0 0 0 eth1
10.211.1.34 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
128.0.0.0 10.211.1.34 128.0.0.0 UG 0 0 0 tun0
218.50.250.210 10.0.2.2 255.255.255.255 UGH 0 0 0 eth0
and the openvpn status output is:
Nov 23 12:49:40 host sudo[18665]: tunnel : TTY=unknown ; PWD=/etc/openvpn ; USER=root ; COMMAND=/bin/ip route add 218.50.250.210/32 via 10.0.2.2
Nov 23 12:49:40 host sudo[18665]: pam_unix(sudo:session): session opened for user root by (uid=0)
Nov 23 12:49:40 host ovpn-openvpn[18657]: /usr/bin/ip_unpriv route add 0.0.0.0/1 via 10.211.1.34
Nov 23 12:49:40 host sudo[18667]: tunnel : TTY=unknown ; PWD=/etc/openvpn ; USER=root ; COMMAND=/bin/ip route add 0.0.0.0/1 via 10.211.1.34
Nov 23 12:40:48 host sudo[18667]: pam_unix(sudo:session): session opened for user root by (uid=0)
Nov 23 12:40:48 host ovpn-openvpn[18657]: /usr/bin/ip_unpriv route add 128.0.0.0/1 via 10.211.1.34
This is the ip from my vpn: 218.50.250.210
I think now all is ok. But sorry that i ask again, it is very important for me that this setup is correct. Is this correct configured?
Sorry i must ask again. i use another vpn and now the route has changed
Nov 25 10:23:42 host sudo[8657]: tunnel : TTY=unknown ; PWD=/etc/openvpn ; USER=root ; COMMAND=/bin/ip route add 110.125.120.19/32 via 10.0.2.2
Nov 25 10:23:42 host sudo[8657]: pam_unix(sudo:session): session opened for user root by (uid=0)
Nov 25 10:23:42 host ovpn-openvpn[8652]: /usr/bin/ip_unpriv route add 0.0.0.0/1 via 172.16.30.1
Nov 25 10:23:42 host sudo[8659]: tunnel : TTY=unknown ; PWD=/etc/openvpn ; USER=root ; COMMAND=/bin/ip route add 0.0.0.0/1 via 172.16.30.1
Nov 25 10:23:42 host sudo[8659]: pam_unix(sudo:session): session opened for user root by (uid=0)
Nov 25 10:23:42 host ovpn-openvpn[8652]: /usr/bin/ip_unpriv route add 128.0.0.0/1 via 172.16.30.1
Nov 25 10:23:42 host sudo[8661]: tunnel : TTY=unknown ; PWD=/etc/openvpn ; USER=root ; COMMAND=/bin/ip route add 128.0.0.0/1 via 172.16.30.1
Nov 25 10:23:42 host sudo[8661]: pam_unix(sudo:session): session opened for user root by (uid=0)
Nov 25 10:23:42 host ovpn-openvpn[8652]: UID set to tunnel
Nov 25 10:23:42 host ovpn-openvpn[8652]: Initialization Sequence Completed
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 172.16.30.1 128.0.0.0 UG 0 0 0 tun0
default 10.0.2.2 0.0.0.0 UG 0 0 0 eth0
10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.152.128.0 0.0.0.0 255.255.192.0 U 0 0 0 eth1
128.0.0.0 172.16.32.1 128.0.0.0 UG 0 0 0 tun0
172.16.30.0 0.0.0.0 255.255.240.0 U 0 0 0 tun0
110.115.120.20 10.0.2.2 255.255.255.255 UGH 0 0 0 eth0
110.115.120.20 is the vpn
why is this route different from my last one (except the vpn)? 172.16.30.0 instead of 10.211.1.34
I have problems to understand the route table. do you know a place where is it good explained to learn?