i`am using Whonix 11 version after the next update Gateway, I am talking about the update which includes Tor Data folder on the desktop, we started having problems with VPN installed on the Gateway. The problem a little digging I realized that the problem of mutations both in the firewall settings should be applied.
###########################
## VPN-Firewall Settings ##
###########################
## Make sure Tor always connects through the VPN.
## Enable: 1
## Disable: 0
## DISABELD BY DEFAULT, because it requires a VPN provider.
VPN_FIREWALL=1
## IP address of the VPN server.
## Get the IP using: nslookup vpn-example-server.org
## Example: seattle.vpn.riseup.net
## Some providers provide multiple VPN servers.
## You can enter multiple IP addresses, separated by spaces.
VPN_SERVERS="IP"
## For OpenVPN.
VPN_INTERFACE=tun0
## Destinations you don not want routed through the VPN.
## 10.0.2.2/24: VirtualBox DHCP
LOCAL_NET="192.168.1.0/24 192.168.0.0/24 127.0.0.0/8 10.152.152.0/24 10.0.2.2/24"
after the upgrade began these settings:
###########################
## VPN-Firewall Settings ##
###########################
## Make sure Tor always connects through the VPN.
## Enable: 1
## Disable: 0
## DISABELD BY DEFAULT, because it requires a VPN provider.
VPN_FIREWALL=1
## IP address of the VPN server.
## Get the IP using: nslookup vpn-example-server.org
## Example: seattle.vpn.riseup.net
## Some providers provide multiple VPN servers.
## You can enter multiple IP addresses, separated by spaces.
VPN_SERVERS="IP"
## For OpenVPN.
VPN_INTERFACE=tun0
## Destinations you don not want routed through the VPN.
## 10.0.2.2-10.0.2.24: VirtualBox DHCP
LOCAL_NET="
127.0.0.0-127.0.0.24
192.168.0.0-192.168.0.24
192.168.1.0-192.168.1.24
10.152.152.0-10.152.152.24
10.0.2.2-10.0.2.24
"
this change is not currently in the documentation, please add, but that the problem did not end now connect to the VPN occurs normally, but occasionally at the VPN, the connection with the error:
Wed Dec 2015 Initialization Sequence Completed
Wed Dec 2015 [changeme] Inactivity timeout (--ping-restart), restarting
Wed Dec 2015 SIGUSR1[soft,ping-restart] received, process restarting
Wed Dec 2015 Restart pause, 5 second(s)
Wed Dec 2015 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Wed Dec 2015 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Wed Dec 2015 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1400)
Wed Dec 2015 Socket Buffers: R=[87380->131072] S=[16384->131072]
Before the update did not have such problems, please help with the decision.