Setup a VPN in ProxyVM over sys-whonix

eprer · June 14, 2016, 3:24pm

Hello
I would this configuration
sys-whonix–>proxyVM–>appVM (not anon-whonix)
I created a VPN configuration in network manager but when I try to connect the VPN fail, while if I connect the same VPN to a normal proxy machine, works. Do I change anything in sys-whonix? Or is a problem of my VPN?

Thank you

Patrick · June 15, 2016, 10:36am

Please use the same way to describe the terminology / connection scheme that you want to accomplish as under the following wiki page.

Otherwise due to the great complexity of the topic it is very easy to talk past one another.

It it this ticket?

github.com/QubesOS/qubes-issues

Test and document VPN ProxyVM between anon-whonix and sys-whonix

opened 09:38PM - 11 Jun 16 UTC

closed 06:03PM - 20 Jun 16 UTC

andrewdavidwong

T: enhancement help wanted C: doc P: minor privacy C: Whonix

[Patrick Schleizer wrote](https://groups.google.com/d/msgid/qubes-users/5759D76E….8000401%40riseup.net): > Andrew David Wong: > > > On 2016-06-08 13:15, a...r@s...t.org wrote: > > > > > Hello I read the guide on whonix site about how setup a VPN in > > > workstation but it is old and my VPN is a little different, it has > > > a GUI interface but also a setup for Open VPN (to work i have to > > > use GUI). Do I setup like a normal VPN in debian (network > > > connection, import configuration, certificate etc...) and change > > > firewall? > > > > > > Thank you > > > > Take a look at our VPN documentation if you haven't already. It was > > recently updated: > > > > https://www.qubes-os.org/doc/vpn/ > > VPN in Whonix-Gateway results in: > - a) Connecting to a VPN before Tor > - a) User -> proxy/VPN/SSH -> Tor -> Internet > > VPN in Whonix-Workstation results in: > - b) Connecting to Tor before a VPN > - b) User -> Tor -> proxy/VPN/SSH -> Internet > > These use cases are very different. > > See also: > https://www.whonix.org/wiki/Tunnels/Introduction > > https://www.qubes-os.org/doc/vpn/ is closer to: > - a) Connecting to a VPN before Tor > - a) User -> proxy/VPN/SSH -> Tor -> Internet > > It would be interesting to wretch a Qubes VPN ProxyVM between > Whonix-Workstation and Whonix-Gateway. I.e. anon-whonix -> sys-vpn -> > sys-whonix. Which would then result in b). > > You might still need bits from chapter "Prevent Bypassing the Tunnel-Link" > > https://www.whonix.org/wiki/Tunnels/Connecting_to_Tor_before_a_VPN#Prevent_Bypassing_the_Tunnel-Link > > Although it would not be for purposes of "Prevent Bypassing the > Tunnel-Link", but for connectivity. The following from that chapter > would still be required: > - deactivate uwt wrappers > - Tor Browser Remove Proxy Settings > - Deactivate Misc Proxy Settings > > So new documentation would be required for this. A lot stuff could be > re-used since all of the three above are wiki templates. > > Anyone interested in this? Up to try this, document this, etc.? > > Cheers, > Patrick

For now, undocumented, unsupported. ( Undocumented, Untested or Unsupported Features )

I have a look if I can get that documented, don’t hold your breath for it.

eprer · June 15, 2016, 2:20pm

Hello
The only difference is that I don’t want a workstation like appVM but I setup a fedora template appVM

Regards

Patrick · June 15, 2016, 6:18pm

This is now documented here:
Connecting to Tor before a VPN