Greetings to all you guys and also to the Whonix™ KVM Maintainer!
My topic is specific to this connection method: User → VPN → Tor → Internet
It all started with the need for VPN ----> Whonix (Gateway) to hide the fact of using Tor from the ISP.
I began to look for a solution, and found out that with such a connection scheme as VPN----->WHONIX (Gateway), the traffic goes not consistently, but in a parallel way! As a result, Tor traffic is not encapsulated in the VPN, and there is a leak.
I have a few questions:
- Can I create an additional virtual machine that will act as a VPN-Gateway, which will then be connected to Whonix-Gateway? Thus, the traffic will be consistent (but in this case, you will have to change the connection with NAT to the isolated network in Whonix-Gateway, which can be discouraged and can cause leaks);
https://www.whonix.org/wiki/Tunnels/Connecting_to_a_VPN_before_Tor#KVM_VPN_Killswitch
> <network>
>   <name>Whonix-External</name>
>   <forward dev='tun0' mode='nat'/>
>   <bridge name='virbr1' stp='on' delay='0'/>
>   <ip address='10.0.2.2' netmask='255.255.255.0'>
>   </ip>
> </network>
This VPN killswitch method was presented in the official article. The question is how reliable this method is against leaks, and whether it makes a consistent connection or a parallel one?
Either configure a VPN router, or do VPN tethering via an Android device, in order not to discount the Whonix settings, since I believe that digging in the settings of the Whonix Firewall or other configs can easily break something, especially if you don't know how Unix routing works.
- Which connection method is the most optimal and reliable for my requirements, perhaps one which I do not know of?
As I understand, a lot of people do it this way, and this is stupidity, because they think that the traffic is consistent.
I would like to hear the detailed answers. Thanks to everyone!
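A static check of the `<forward>` element in the network definition quoted above, added here as an example (it is not code from the post or from the Whonix wiki). It relies on libvirt's documented behaviour that a `dev` on `<forward>` restricts forwarding to that device, and it assumes VPN tunnel interfaces on the host are named `tun*`, `tap*` or `wg*`; the function name and verdict strings are hypothetical.

```python
import xml.etree.ElementTree as ET

# Assumption: VPN tunnel interfaces on the host are named tun*, tap* or wg*.
TUNNEL_PREFIXES = ("tun", "tap", "wg")

# Constructed samples: the definition quoted in the post, and the same
# network with the dev attribute removed (plain NAT).
PINNED = """<network>
  <name>Whonix-External</name>
  <forward dev='tun0' mode='nat'/>
  <bridge name='virbr1' stp='on' delay='0'/>
  <ip address='10.0.2.2' netmask='255.255.255.0'></ip>
</network>"""
UNPINNED = PINNED.replace(" dev='tun0'", "")


def audit_network(xml_text, tunnel_prefixes=TUNNEL_PREFIXES):
    """Return (name, verdict, egress_devs) for one libvirt <network> definition."""
    net = ET.fromstring(xml_text)
    name = net.findtext("name", default="(unnamed)")
    fwd = net.find("forward")
    if fwd is None:
        # No <forward>: libvirt treats the network as isolated.
        return name, "isolated", []
    if fwd.get("mode", "nat") not in ("nat", "route"):
        # Bridge, open, macvtap modes etc. are outside this check.
        return name, "other-mode", []
    # Egress devices: the dev attribute and/or <interface dev='...'/> children.
    devs = [fwd.get("dev")] if fwd.get("dev") else []
    devs += [i.get("dev") for i in fwd.findall("interface") if i.get("dev")]
    devs = list(dict.fromkeys(devs))  # de-duplicate, keep order
    if not devs:
        # Forwarding follows the host routing table, so guest traffic can
        # leave through the physical NIC whenever the VPN route is absent.
        return name, "unpinned", []
    stray = [d for d in devs if not d.startswith(tunnel_prefixes)]
    verdict = "pinned-to-non-tunnel" if stray else "pinned-to-tunnel"
    return name, verdict, devs


if __name__ == "__main__":
    for label, xml_text in (("quoted", PINNED), ("no dev", UNPINNED)):
        print(label, audit_network(xml_text))
```

This inspects the definition only; it does not confirm that `tun0` exists or that the network is the one the gateway VM is actually attached to.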