VPN only on host without whonix connecting through the vpn

hello, new here. :slight_smile:

I wanted to use a VPN on my host but i don’t want it to affect whonix or for whonix to connect through the vpn. so what i thought is to use split tunneling and Exclude Virtubal box from the tunneling will this be safe or a sure way to keep the vpn ad whonix apart? or is there another method to keep them apart?

i use Windows 10 and ProtonVPN (the app’s source code is available on github, seems like i cant post link here)

Hi, welcome to Whonix forums and thank you for your question!

Unfortunately questions about split VM traffic, specifically on Windows hosts can almost certainly only be resolved as per https://www.whonix.org/wiki/Free_Support_Principle.

Suggested queries:

  • How to exclude VirtualBox traffic from VPNs on Windows?

  • How to exclude a VirtualBox VM from the VPN on Windows?


hmmm, nothing very helpful, searching on the internet on how to exclude VMs didn’t yield any useful results.
what i got to know is (at least what random strangers on the internet say on forums) is that VMs that are configured to use NAT connect through the hosts VPN while those using Bridged don’t.

anyways i did a little experiment. first i went to my VPN and excluded VirtualBox (Virtualbox.exe and VirtualboxVM.exe). Then launched my Whonix gateway and work station. i went to ubuntu’s website on the workstation and started a ubuntu installation image download. the speed on the workstation (tor download section) was about 1MB/s but looking at the VPN it said there was totally no connection (speed was like 0Kb/s - 2Kb/s). looking at task manager it showed VirtualBox process using network resources at the same speed the workstation said it did.

Turning off the VirtualBox exclusion on the VPN and restarting the VPN and both whonix gateway and workstation: started the ubuntu download again and this time the VPN showed the traffic download speed was as same as showed in the workstation.

i believe this means excluding VirtualBox in the VPN makes it connect to tor directly and not through the VPN. this is a weak evidence but seems like its all i can get specially since i can’t do Ping and Traceroute on whonix :frowning:
any correction or comment if am wrong would be really appreciated :smiley:

I suggest to make it unspecific to Whonix. Test it with Debian. That makes it easier to test if Whonix is excluded from the test.