Note: Both TCP and UDP VPN connections should work. Test connectivity from inside the sys-vpn as per: Check, that your sys-vpn is fully functional. This is what you want if you are reading this documentation chapter.Ĥ. When a failed closed configuration is used and the VPN connection breaks down, no traffic would leave Whonix-Gateway ™. Without a fail closed configuration, if the VPN breaks down, all traffic (such as DNS queries) originating from Whonix-Gateway ™ (commonly called sys-whonix) would only be forced through Tor. These "Separate VPN-Gateway" instructions are new. Whonix-Workstation ™ → Whonix-Gateway ™ → sys-vpn → sys-firewall → sys-net. Qubes-Whonix ™ only! Non-Qubes-Whonix ™ is unsupported!Ī separate VPN-Gateway between Whonix-Gateway ™ and sys-firewall, i.e. Using bitmask with Qubes is unsupported.Should the VPN provider be limited to seeing Tor traffic, but not clearnet traffic? Then install the VPN on Whonix-Gateway ™.Should the VPN provider be able to see all traffic? Then install the VPN on the host.Is it necessary to hide all traffic from the ISP? Then install the VPN on the host.To decide the best configuration in your circumstances, consider: User → Host's VPN → Gateway's VPN → Tor → Internet VPN Installed on both the Host and Whonix-Gateway ™ What's the difference of installing a VPN on the host versus installing on Whonix-Gateway ™? Non-Qubes-Whonix ™ users could install the VPN software #On the Host or #Inside Whonix-Gateway ™.Qubes-Whonix ™ users have the option to use a #Separate VPN-Gateway but could also install the VPN software #Inside Whonix-Gateway ™.Too difficult? Consider purchasing Premium Support.Ĭonnecting to a VPN before Tor (User → VPN → Tor → Internet) Introduction 3.11 Additional Tweaks / Recommendations / Troubleshooting.3.5 /run/openvpn/openvpn.status Permission denied.2.5.8.7 Configuration Folder Permissions.2.5.2 Whonix ™ TUNNEL_FIREWALL vs standalone VPN-Firewall.2 Connecting to a VPN before Tor (User → VPN → Tor → Internet).
0 Comments
|
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |