I have some slight trouble getting Whonix with “VPN Before Tor” (User -> VPN -> Tor -> Internet) working.
I have followed this guide https://www.whonix.org/wiki/Tunnels/Connecting_to_a_VPN_before_Tor exactly.
My setup is:
Whonix workstation -> Whonix gateway -> Internet.
I am using TUNNEL_FIREWALL inside the Whonix gateway.
And it works.
However, not for long.
The Whonix gateway starts up and I can see from ifconfig it creates the tun0 interface, gets an IP, there are no errors, this uses the openvpn@openvpn service.
It then connects to Tor with the tor@default service, again this is fine, no errors.
However then, after perhaps 120 to 240 seconds, I can see this:
pcnet32 0000:00:03.0 eth0: link up, 100Mbps, full-duplex
pcnet32 0000:00:08.0 eth1: link up, 100Mbps, full-duplex
When I see this, at the exact same time, the connection on the Whonix workstation goes down.
The above messages (pcnet32 …) seem to be similar to what would happen, if you unplugged the network cable and plugged it back in.
However I cannot find any errors, not in the openvpn log, not in the tor log, not in dmesg, ifconfig also seems fine.
I mean, I can see that it can no longer connect in journalctl -xe, both openvpn and tor are unable to connect. But there is nothing in the logs to indicate why the problem occurred, why was the network on eth0 and eth1 reset?
Doing systemctl restart tor@default and systemctl restart openvpn@openvpn restores the connection, but it doesn’t take long before this happens again, that the connection dies. So it is not usable as it is now.
I am at a loss for what I should do about this. I have tried reinstalling. I am following the guide exactly.
I’m using Virtualbox, and I have several other virtual machines that have no network problems.
Any help in debugging this?
I did some debugging myself. Still no solution, but perhaps an experienced Whonix user can pinpoint the problem?
If I let it boot, and then immediately run whonixcheck, it tries to do timesync, which it reports as:
“Timesync status: not done”
This repeats, for around 120 seconds, and then just as it says “Whonixcheck gave up waiting”, the network interfaces are reset, as mentioned above.
The curious part is, that from the Whonix workstation, as I mentioned, everything works fine.
Can I just disable sdwdate? Is that safe? What should I do?