Hi, people. I am playing with Whonix for about a month and i need to say that it is a great OS. But i stuck with connecting VPN to it. I need to use VPN before TOR, so my ISP wouldnt know that i am using TOR + all ISP logs must contain info which is encrypted with my VPN.
So, i made my own VPN server on VPS. Using openvpn server configured for UDP (As i understand i need TCP only if i want user => TOR => VPN, but i dont need this).
I am using Xubuntu as the host system, which is installed in crypted file container on my external HDD. I am starting my vpn client on Xubuntu. Than i start Whonix Gateway. After whonixcheck on Gateway i start Whonix Workstation. As i understand in such config all my traffic should first be encrypted and go to my VPN server and only there it would go to TOR. But when i try to check this i am using traceroute command on Whonix Workstation and i see follow info -
user@host:~$ traceroute google.com
traceroute to google.com (192.122.185.53), 30 hops max, 60 byte packets
1 * * *
2 * * *
3 * * *
4 * * *
5 * * *
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *
16 * * *
17 * * *
18 * * *
19 * * *
20 * * *
21 * * *
22 * * *
23 * * *
24 * * *
25 * * *
26 * * *
27 * * *
28 * * *
29 * * *
30 * * *
As i understand first i should see my VPN server, than i should see the TOR relay nodes. Am i correct. Maybe i should make traceroute somewhere else ( Gateway, Host OS?). Is there another way to check that traffic is routed correctly through my VPN and TOR?
Please give me some advice. Any help would be very appreciated.
Still need some help. I know that this is the simple question which is described in documentation. I have already read it, especially this -
How
If you are forced to use a VPN server or if you are already using a VPN server, you most likely know how you can connect to it.
You can either add the VPN on the host. Whonix-Gateway will be tunneled through it.
Or you can add the VPN into Whonix-Gateway. In that case you must know how to connect to your VPN server from the linux command line. (TODO: Any new firewall rules required?)
When your VPN is properly set up, all your connections are forced through the VPN first. If you start Tor on top of that, tunneling Tor through the VPN will work.
But i can not figure out how to test and check that everything is running ok. When i used VPN without TOR on my host OS i just made a traceroute command. But as i described this doesnt work in my case. Please give me some little help, as i need this info urgently.
Thanks a lot for everyone who would give at least any info.
Hi, people. I am playing with Whonix for about a month and i need to say that it is a great OS. But i stuck with connecting VPN to it. I need to use VPN before TOR, so my ISP wouldnt know that i am using TOR + all ISP logs must contain info which is encrypted with my VPN.
See also:
- https://www.whonix.org/wiki/Hide_Tor_and_Whonix_from_your_ISP
- https://www.whonix.org/wiki/Features#VPN_.2F_Tunnel_support
As i understand in such config all my traffic should first be encrypted and go to my VPN server and only there it would go to TOR.
Yes.
But when i try to check this i am using traceroute command on Whonix Workstation and i see follow info -
Whonix-Workstation has no legitimate way to figure out it's routed over the VPN. Whonix-Gateway accepts the traffic and relays it to Tor.
Maybe i should make traceroute somewhere else ( Gateway, Host OS?). Is there another way to check that traffic is routed correctly through my VPN and TOR?
This is actually not that simple. Someone else asked a similar question, answered here:
https://www.whonix.org/forum/index.php/topic,363.msg2685.html#msg2685
You may also be interested: