Icedove with TorBirdy - user -> Tor -> VPN -> mail proivder

whonixer · July 28, 2015, 5:57pm

ah ok, thanks

i connect to a vpn server on my whonix workstation, because i want to establish the following: [my PC] <> [Tor] <> [VPN Server] <> [Internet]

This way i can use many tor non-friendly services (such as most email providers).

If i use Icedove, with TorBirdy enabled, can i still be shure, my email provider only see’s the vpn’s ip?

And just to be sure a 2nd question (because i lack of the deep understaning whats going on:)) Can i be shure that every traffic outgoing from my whonix workstation (ssh, ftp, etc.) is routed through the tor network? So there no caveats?

Many thanks again!

Hiberts · July 31, 2015, 4:44pm

Generally all non tor traffic is blocked by whonix gateway .
It’s impossible or very hard to circunvent this, unless you heavily modify the gateway .

Patrick · July 31, 2015, 5:57pm

typo: shure → sure

You would need to set TorBirdy to transparent torification (using system default networking). Because it’s preconfigured to use network settings “Whonix”, which means, that it’s preconfigured to use a SocksPort for stream isolation (Stream Isolation). Using SocksPorts directly circumvents the VPN. For better certainty, during the initial setup, I recommend to disable that SocksPort on the gateway.

Highly recommend to read the VPN documentation:

Hiberts · September 22, 2015, 11:37pm

I have the VPN on the host and now i’m using your vpn-firewall .
I hope i understood wrong, if i use the socks port for emails ( example ) the traffic can travel out the vpn ?

Patrick · September 23, 2015, 6:59am

[quote=“Hiberts, post:4, topic:1248”]I have the VPN on the host and now i’m using your vpn-firewall .
I hope i understood wrong, if i use the socks port for emails ( example ) the traffic can travel out the vpn ?[/quote]
Understood wrong. Host VPN does not interfere with Whonix-Workstation traffic directly.

Hiberts · September 24, 2015, 11:16am

Oh …
I understood, it’s a VPN over TOR problem .

Patrick · September 24, 2015, 11:30am

The terminology is ambiguous. Please use the
user -> …
notation from the wiki.

Hiberts · September 25, 2015, 10:25am

Escuse me :), user --> VPN --> TOR --> VPN ( here your problem ) --> internet .
However, is that the problem I mean ?

Patrick · September 25, 2015, 11:34am

No.

Installing the VPN inside Whonix-Workstation (user -> Tor -> VPN -> destination) requires understanding stream isolation and perhaps how to disable it.

Hiberts · September 29, 2015, 2:19pm

Yes, I think I know it .
whonixer should understand, i wanted to say that its problem is there .
However, whonixer you should use browser first, then learn how to configure socks and transport port for email client for example, on the Whonix website there’s all .
With browser i think you won’t have problems .