Qubes-Box1 +-------------------------------------------+ | | WAN --|-- NetVM-Ext --- Whonix-GW --- NetVM-Int --|-- ClientBox | | +-------------------------------------------+
Really excited to see this work. Very preliminary tests so far. Will do a full writeup in time.
For now, the broad steps:
- Get 2nd network adapter working in Qubes
- No changes to Whonix-GW are necessary.
- NetVM-Int: setup static network, forward DNS to GW, add appropriate FORWARD rule
- ClientBox: depends
Test #1: ClientBox = plain Debian on bare-metal
- setup static network, DNS
- working!
Test #2: ClientBox = Whonix-WS in VirtualBox on Debian host
- follow steps from Test #1
- set Whonix-WS to NAT (! please don’t do this unless you know what you are doing !)
- set eth0 to DHCP
- set DNS to NetVM-Int IP
- working! (stream isolation too. SocksPorts are working)
Test #3: ClientBox = Whonix-WS in QubesOS
- given #2 is working, not expecting many issues here
- will pause here; need to complete other Whonix tasks; and would be nice to have some new hardware too