VLESS-reality proxy + Tor; Can the VPS provider see the traffic?

Hello
I’ve seen many similar topics, but haven’t found exactly matching my case.

I have a rented VPS.
On the server I have a self-hosted proxy running with 3x-ui VLESS-Reality protocol (a few words about it at the bottom).
I connect to the proxy via Hiddify-Next on a host machine; it creates a tun adapter to connect.
Then I start Tor browser.

So it is
Home → VLESS-Reality Proxy → Tor → Internet

It is not a VPN; it’s still a proxy, though a secured one.

Questions:

  1. Can the VPS provider see the pages visited through Tor?
  2. What are the flaws of my method?
  3. How do I manage to run Whonix, not Tor browser bundle, after this proxy?

Basically I want to connect to Tor without standing out too much.
Nowadays in my country there are significantly more VPN users than Tor users.
The bridges don’t work for some reason.

Regarding the issue of trust.
They say that it is a matter of trust, who do you trust more, the ISP or the VPS hoster.
Why should I trust my ISP more than some random server in another country somewhere far away?
The ISP definitely keeps logs, while the same is not known about the VPS host.
And in the worst case, what can the VPS hoster do if they don’t like something about the user’s behavior? Complain to who? Shut down your server? Well that’s not a big problem.
At the same time, a government-controlled ISP is quite capable of turning you inside out for any reason. Simply because they are nearby and supported by state power, and the hoster of the VPS is somewhere far away.

About VLESS-Reality.
As far as I know this protocol was specifically designed to hide the fact you are using a proxy from the ISP. It makes the traffic look like normal traffic to a real site. Yet it is still a proxy.

No.

Unless website traffic fingerprinting but that’s really advanced and unlikely.

No extra magic required. If your proxy on the VPS works similarly to a VPN on the host then no extra magic required.

If Tor Browser works so will Whonix.

Also mentioned here:
Website Traffic Fingerprinting

It just doesn’t work. Whonix Workstation cannot connect to the internet at all. I guess it is because VirtualBox creates its own virtual network adapter for a virtual machine.
I also tried a system proxy mode but it didn’t work out.
So I would be glad to read a solution for this.

You still need to start Whonix-Gateway. You cannot replace the gateway with a proxy or VPN. Did you intend that? Won’t happen.

I start Whonix Gateway but it can’t connect to the Internet when my proxy is on.
I didn’t mean to replace anything, just want to make a chain Home → Proxy → Whonix → Internet.

Proxy blocks Tor? Try Tor Browser to confirm.

No it doesn’t. Tor browser works well with proxy, but Whonix does not.

As I said above, my guess is that it happens because Whonix creates a new network adapter while the proxy works via its own. And I can’t figure out how to fix it.

Did you ever manage to use Whonix without a proxy? Could be the case of simple user error.

  • Whonix doesn’t create a new network adapter. It has no access to the host operating system.
  • VirtualBox might create a new network adapter on the host operating system, but its virtual network settings are configured to use NAT so this does not happen.
  • KVM (a different virtualizer) does create a network adapter, unfortunately. ([Help Welcome] KVM Development - staying the course - #546 by Patrick)

Try Tor Browser inside VirtualBox. In theory, this also shouldn’t work if VirtualBox was to create its own network adapter.

Unexpectedly Whonix started working.
I did not change anything in the settings, however this time connection to Tor was successful.

Therefore, now a new question has arisen: how to check if the connection works as expected? That is, does traffic really go along the path Home → VLESS proxy → Whonix?

Use Wireshark or similar tools.

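One way to carry out the Wireshark check suggested above, as an added example that is not from any poster in the thread: capture on the host's physical interface (not the tun adapter) while Whonix is running, export the packets as CSV fields with tshark, and confirm that every outbound packet goes to the VPS. The host address, VPS address and sample rows below are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress
from collections import Counter

# Input rows come from a capture on the PHYSICAL interface, exported with:
#   tshark -r capture.pcapng -T fields -E separator=, \
#          -e ip.src -e ip.dst -e tcp.dstport -e udp.dstport
# Destinations that stay on the local network (LAN, link-local, multicast, broadcast).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16",
    "127.0.0.0/8", "224.0.0.0/4", "255.255.255.255/32")]

def is_local(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in LOCAL_NETS)

def find_leaks(lines, host_ip, vps_ip):
    """Return (packets sent to the VPS, Counter of (dst, port) that bypassed it)."""
    via_proxy, leaks = 0, Counter()
    for line in lines:
        parts = [f.strip() for f in line.split(",")]
        if len(parts) != 4:
            continue                      # blank or malformed row
        src, dst, tcp_port, udp_port = parts
        if src != host_ip or not dst:
            continue                      # inbound packet or non-IPv4 row (ARP etc.)
        port = tcp_port or udp_port
        if dst == vps_ip:
            via_proxy += 1                # expected: wrapped in the VLESS-Reality tunnel
        elif not is_local(dst) or port == "53":
            # Anything else leaving the host bypassed the proxy. Plain DNS to the
            # LAN router counts too, because the router forwards it to the ISP.
            leaks[(dst, port)] += 1
    return via_proxy, leaks

# Constructed sample: host 192.168.1.20, VPS 203.0.113.10 (documentation ranges).
SAMPLE = """\
192.168.1.20,203.0.113.10,443,
203.0.113.10,192.168.1.20,51514,
192.168.1.20,203.0.113.10,443,
192.168.1.20,192.168.1.1,,53
192.168.1.20,224.0.0.251,,5353
192.168.1.20,198.51.100.7,9001,
,,,
"""

if __name__ == "__main__":
    ok, leaks = find_leaks(SAMPLE.splitlines(), "192.168.1.20", "203.0.113.10")
    print(f"{ok} packets went to the VPS")
    for (dst, port), n in leaks.items():
        print(f"LEAK: {n} packet(s) to {dst}:{port} did not use the proxy")
```

An empty leak list over a capture that spans Whonix-Gateway startup and some browsing indicates the chain is Home → VLESS proxy → Tor; any flagged row is traffic the ISP can see directly.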