Hi
I have Tor and a VPN on my gateway.
I have followed these instructions:
wiki/Tunnels/Connecting_to_a_VPN_before_Tor
section: "Inside Whonix-Gateway ™"
service openvpn@openvpn shows me this error:
AUTH: received control message: AUTH_FAILED
If I try to run openvpn /etc/openvpn/openvpn.conf manually, I get this error:
Write UDP: Operation denied
According to iptables, packets are rejected by the last rules of iptables -vL.
Here are my config files:
cat /etc/whonix_firewall.d/50_user.conf
## Make sure Tor always connects through the VPN.
## Enable: 1
## Disable: 0
## DISABLED BY DEFAULT, because it requires a VPN provider.
VPN_FIREWALL=1
## For OpenVPN.
VPN_INTERFACE=tun0
## Destinations you do not want routed through the VPN.
## 10.0.2.2-10.0.2.24: VirtualBox DHCP
LOCAL_NET="\
127.0.0.0-127.0.0.24 \
192.168.0.0-192.168.0.24 \
192.168.1.0-192.168.1.24 \
10.152.152.0-10.152.152.24 \
10.0.2.2-10.0.2.24 \
"
➜ ~ cat /etc/openvpn/openvpn.conf
client
dev tun
proto udp
remote 185.145.38.234 1194
resolv-retry infinite
remote-random
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ping 15
ping-restart 0
ping-timer-rem
reneg-sec 0
comp-lzo no
remote-cert-tls server
auth-user-pass /etc/openvpn/auth.txt
verb 3
pull
fast-io
cipher AES-256-CBC
auth SHA512
<ca>
-----BEGIN CERTIFICATE-----
MIIFCjCCAvKgAwIBAgIBATANBgkqhkiG9w0BAQ0FADA5MQswCQYDVQQGEwJQQTEQ
MA4GA1UEChMHTm9yZFZQTjEYMBYGA1UEAxMPTm9yZFZQTiBSb290IENBMB4XDTE2
... etc ....
-----END CERTIFICATE-----
</ca>
key-direction 1
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
e685bdaf659a25a200e2b9e39e51ff03
0fc72cf1ce07232bd8b2be5e6c670143
... etc ....
-----END OpenVPN Static key V1-----
</tls-auth>
cat /etc/sudoers.d/tunnel_unpriv
tunnel ALL=(ALL) NOPASSWD: /bin/ip
tunnel ALL=(ALL) NOPASSWD: /usr/sbin/openvpn *
Defaults:tunnel !requiretty
#Defaults:tunnel env_keep += script_type
#Defaults:tunnel env_keep += dev
Other modifications I made:
chown -R tunnel:tunnel /etc/openvpn
chown -R tunnel:tunnel /var/run/openvpn
cp /lib/systemd/system/openvpn@.service /lib/systemd/system/openvpn@openvpn.service
I also have an /etc/openvpn/auth.txt file with 2 lines. The first line is my VPN login and the 2nd line is the password.
Thank you very much