Hello
i’m testing the config suggested here for Qubes
/wiki/Tunnels/Connecting_to_a_VPN_before_Tor
i was no able to setup my vpn provider to use cli and iptable, for lack of info from the vpn service ( they have their own vpn app but also a openvpn config file without support ) or/and lack of knowledge on my side!
However i have used the network manager approach, that create .pem and auth file from the config.ovpn file , set up a script to autostart vpn and firewall iptable rule for the net interface inside the appvm to take care for possible drop, a firewall rule on the qube manager to only allow connection to the vpn server on openvpn port
i hope that was enough to not discover my real ip if vpn drop, and the net interface connect directly i will make some test , without sys-wonix running to see if i receive the net whit my real ip
However for now work great
My concern now is about the guard that still the guard that was before apply
user > vpn > tor route
When i have started everything the guard was located where the tunnel go…
but when i have started the anon-whonix the old guard connected from my actual location
is this supposed to be correct ? or i have to take some action ?