The original wording of my question was too vague and complicated, so here is my issue:
Whonix in KVM bypasses “leak-proof” VPN that is configured with OpenVPN and firewalled to only allow interface tun0. I see nothing in the docs to address this.
Has anyone else had this issue?
Steps to reproduce:
- ping a webserver from host (success)
- Start Whonix (whonixcheck passes)
- Disable VPN on host
- ping a webserver from host (fails due to firewall)
- Run whonixcheck on gateway (still passes)