Problems setting up (User → Tor → VPN → Internet)

I’ve followed the guide but when opening Tor browser there’s no connection at all.

“sudo systemctl status openvpn@openvpn” gives me the following result, the closest thing to an error that I could find in all the commands. Does this look right?

user@host:~$ sudo systemctl status openvpn@openvpn
[sudo] password for user:
● openvpn@openvpn.service - OpenVPN connection to openvpn
Loaded: loaded (/lib/systemd/system/openvpn@openvpn.service; enabled; vendor preset: en
Drop-In: /lib/systemd/system/openvpn@openvpn.service.d
└─50_unpriv.conf
Active: active (running) since Mon 2019-07-22 07:16:17 UTC; 19min ago
Docs: man:openvpn(8)
https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Process: 721 ExecStartPre=/usr/bin/sudo --non-interactive /usr/sbin/openvpn --rmtun --de
Process: 775 ExecStartPre=/usr/bin/sudo --non-interactive /usr/sbin/openvpn --mktun --de
Main PID: 795 (openvpn)
Status: “Pre-connection initialization successful”
Tasks: 1 (limit: 2355)
Memory: 5.8M
CGroup: /system.slice/system-openvpn.slice/openvpn@openvpn.service
└─795 /usr/sbin/openvpn --daemon ovpn-openvpn --status /run/openvpn/openvpn.sta

Jul 22 07:27:03 host ovpn-openvpn[795]: Connection reset, restarting [0]
Jul 22 07:27:03 host ovpn-openvpn[795]: SIGUSR1[soft,connection-reset] received, process r
Jul 22 07:32:03 host ovpn-openvpn[795]: NOTE: the current --script-security setting may al
Jul 22 07:32:03 host ovpn-openvpn[795]: TCP/UDP: Preserving recently used remote address:
Jul 22 07:32:03 host ovpn-openvpn[795]: Attempting to establish TCP connection with [AF_IN
Jul 22 07:32:04 host ovpn-openvpn[795]: TCP connection established with [AF_INET][redacted]
Jul 22 07:32:04 host ovpn-openvpn[795]: TCP_CLIENT link local: (not bound)
Jul 22 07:32:04 host ovpn-openvpn[795]: TCP_CLIENT link remote: [AF_INET]104.254.90.202:44
Jul 22 07:32:04 host ovpn-openvpn[795]: Connection reset, restarting [0]
Jul 22 07:32:04 host ovpn-openvpn[795]: SIGUSR1[soft,connection-reset] received, process r
lines 1-27/27 (END)

“Has the VPN configuration been modified aside from the instructions on this page?” I only changed the ip and port and CA cert name to match my chosen VPN.

“Is Whonix currently configured to use a second tunnel-link/proxy or bridge?” No.

Complete VPN Logs Debug

Mon Jul 22 07:46:56 2019 WARNING: file ‘auth.txt’ is group or others accessible
Mon Jul 22 07:46:56 2019 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
Mon Jul 22 07:46:56 2019 library versions: OpenSSL 1.1.1c 28 May 2019, LZO 2.10
Mon Jul 22 07:46:56 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Jul 22 07:46:56 2019 TCP/UDP: Preserving recently used remote address: [AF_INET][redacted}
Mon Jul 22 07:46:56 2019 Attempting to establish TCP connection with [AF_INET][redacted}:443 [nonblock]
Mon Jul 22 07:46:57 2019 TCP connection established with [AF_INET][redacted]:443
Mon Jul 22 07:46:57 2019 TCP_CLIENT link local: (not bound)
Mon Jul 22 07:46:57 2019 TCP_CLIENT link remote: [AF_INET][redacted]2:443
Mon Jul 22 07:46:57 2019 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Mon Jul 22 07:47:00 2019 Connection reset, restarting [0]
Mon Jul 22 07:47:00 2019 SIGUSR1[soft,connection-reset] received, process restarting
Mon Jul 22 07:47:05 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mon Jul 22 07:47:05 2019 TCP/UDP: Preserving recently used remote address: [AF_INET][redacted]:443

^^^It just keeps repeating

Edit: Sensitive information redacted by @0brand

Hi openerms9

Welcome to the Whonix community!

Sorry to hear you’re having problems with your VPN. Did you follow the steps to Prevent Bypassing of the Tunnel-link? Did you modify the openvpn.conf to reflect you VPN service providers .ovpn configuration file?

For example does your provider use UDP or TCP in the .opvn configuration file?

1 Like

Yes i’ve removed stream isolation by disabling uwt wrappers, tor browser proxy with environment method, and the other miscellaneous proxy settings exactly as described in the Wiki you linked using the non-qubes route.

I modified the openvpn.conf only changing the IP, port, and certificate file name of the VPN. The rest was copied directly from the wiki (TCP included) (Which my provider uses).
However i did remove the line “## using nyc.vpn.riseup.n et 80”. Is that important to replace?

Also “/etc/resolv.conf” is empty.