Chris Laprise: > On 3/27/20 5:02 AM, scurge1tl wrote:
>> >> Hello all, >> >> I would like to ask about proper setting of AppVM flow if using >> Mullvad VPN. I would like to connect to the clearnet following way: Me >> - -> Tor -> VPN -> clearnet. >> >> When setting up mullvad in their web page, I set the parameters for >> download here https://mullvad.net/en/download/openvpn-config/ in a >> following way: >> - - All countries (so that I can change my exit country as needed) >> - - Port -> TCP 443 (Tor doesn't use UDP, right?) >> - - tick Use IP addresses > > Using TCP 443 for the connection helps only if you are running the VPN > on top of Tor. With Tor on top of VPN, you're probably better off with UDP. Would this mean, if I plan to go with Me -> Tor -> VPN -> clarnet, to go with UDP mullvad settings? Just to clear the "on top of". > >> >> To set the Mullvad VPN AppVM, I followed this guide from micahflee >> https://micahflee.com/2019/11/using-mullvad-in-qubes/ The AppVM with >> mullvad is vpn-mullvad. All works fine and connects to the network. >> >> How should I connect Me -> Tor -> VPN -> clearnet? Am I right with >> this setup (I didn't launch it yet): anon-whonix -> sys-whonix -> >> vpn-mullvad -> sys-firewall, or I should use different setup? > > Whonix has a guide that examines the issues of combining Tor and a VPN. > However, I think its better as a 'what-if/why' guide than a Howto... > > https://www.whonix.org/wiki/Tunnels/Connecting_to_a_VPN_before_Tor Thank you I will check it. > >> >> Are there any other steps to follow to prevent leaks? > > Yes. > > The Qubes-vpn-support project is much easier to setup and should work > more smoothly, in addition to providing better protection against leaks: > > https://github.com/tasket/Qubes-vpn-support > > There is also a VPN setup guide on the Qubes doc page (this is the one > the Whonix page links to). FWIW, I wrote the scripts for both but the > idea for Qubes-vpn-support was to automate the setup and improve the > connection handling of Openvpn so re-connection doesn't take 5 minutes. > It also checks the firewall to make sure leak prevention is in place > before initiating connections. I will try to set the additional AppVM for this and try this guide. What would be the linking of the AppVMs, if I would like to go Me -> Tor -> VPN -> clearnet? Is it like anon-whonix -> sys-whonix -> mullvad-AppVM -> sys-firewall ? Also I would like to use different exit countries of choice, so I downloaded all countries from mullvad. Is there any simple way to switch countries with this VPN settings? Sorry for noob questions, I am new to the VPN stuff, just used Tor only till now, but I need to use tor-unfriendly services from time to time and even if it were tor-friendly, ExitNodes {xx} StrictNodes 1 doesn't work in qubes-whonix and I therefore can't select exit country easily if I need to. So I need to have the VPN country as a strict exit. > Thank you and I will let you know if it works! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e36a80c7-d1db-b533-3ef7-d45cde0acb75%40cock.li.
0xC1F4E83AF470A4ED.asc
Description: application/pgp-keys
