Hi, following the instructions of the guide I managed to torify the android workstation (whonix gateway -> android workstation). Now I would like to add a VPN after tor on my android workstation: I tried with “openvpn connect” and “openvpn for android” but both apps connect my VPN before tor, while I need the VPN after tor. Any ideas on how to solve this problem? I have already searched in the guide and on duckduckgo but I haven’t found any answer, maybe it’s a too specific question or maybe I’m just too noob I tried to change some options but without luck, since I’m not an expert and groping it doesn’t seem to pay, I have to ask to someone with a better knowledge. Thanks in advance
If the VPN software in question is running on the workstation, then there is no way it connects to VPN before Tor as everything from the WS has t go thru Tor first.
Yes, you’re right, I was misled by the VPN screen, because I saw: status connected, local IP of the VPN and port, IP of the VPN and port, then 10.152.152.12, so I thought it was connected before tor.
Now I have checked and actually even if the VPN is connected it generates a volume of traffic much lower than that one of the apps, so it makes sense that it is connected as everything after tor. The problem is that I still have no idea how to connect the whole workstation with the VPN because the option to connect every app with it it’s already enabled
Terminology for Support Requests
Phrases such as “over Tor” are ambiguous. Please do not coin idiosyncratic words or phrases, otherwise this leads to confusion. Please use the same terms that are consistently referenced in documentation, such as:
- How to Connect to a VPN Before Tor (User -> VPN -> Tor -> Internet).
- How to Connect to Tor Before a VPN (User -> Tor -> VPN -> Internet).
- And so on.
Always refer to the connection scheme when requesting support: User -> VPN -> Tor -> Internet or User -> Tor -> VPN -> Internet and so on.
You’re asking more like Android configuration questions. How to
configure a VPN with Android. That’s not something we have researched at
Whonix since we’re based on Debian, not Android.
Also make sure you know what at
Fail Closed Mechanism is - see Whonix
Make sure it is the system VPN perhaps? If you’ve forced all apps to use the VPN it should work. Are you saying you have no connectivity even though you have it enabled?
Yes, actually it is a request related to the android configuration, but I suffer this problem only with the ws that has the whonix network. I have another android system with the same features except the network (NAT) and I can connect the whole ws with the VPN in that case.
Maybe I should ask to the android / tor community, but since I saw that whonix guide is so complete and only thanks to it I managed to connect the whonix gateway to the android system I did a test here as first try.
I already have a VPN (different from the one used in the ws) with fail closed mechanism (firewall rules) in the host system, so the one in the android system is just an additional “layer”, even if my goal is to set it after tor (User > VPN > Tor > VPN > Internet).
I have connectivity but when I surf I continue to view the exit node’s IP. I use the same openvpn app with the same settings in another android system and in that case it works. The only difference between the two systems is that in the other one I have a NAT card with another VPN on the host system, while here I’m connected to the whonix gateway via the internal network.
TCP vs UDP problem?
What browser are you using? If it’s Tor Browser then you need to adjust it to stop using the socks proxy.
Hmm it could but it’s unlikely, these are the two types of configuration:
User -> VPN1 UDP -> VPN2 TCP -> Internet — Ok
User -> VPN1 UDP -> Tor -> VPN2 TCP -> Internet — Not ok, the VPN is connected but is not working on apps (I still see Tor ip as my ip)
I used the second configuration both in whonix workstation and windows 10 without any problem, but on android there is no way to make it work
I use firefox in both android workstations