subject:"Re\: \[qubes\-users\] Network setup \- TORVM\-VPNVM"

Re: [qubes-users] Network setup - TORVM-VPNVM

2017-08-19 Thread james . buttler1975

Also Can I safely use any app vm with whonix gw instead of whonix workstation? 

Thanks 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/ab1528b4-83c2-406d-af8b-06c2b733a382%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Network setup - TORVM-VPNVM

2017-08-19 Thread james . buttler1975

So I want to have 2 different types of system


One where it goes through tor and then through vpn so that websites don't see I 
am using tor

So that would need to be whonix WS -> whonix GW -> VPN VM -> net vm


And a seperate system that just uses tor 

Which would just be

Whonix WS -> whonix GW -> net VM

If I open two of the above App vms would echo app vm connect to appear as two 
seperate IPs?

Am I on the right track with this?

Also if I run this will it ensure all traffic goes through tor and vpn no 
matter what I do? Is there a chance some websites might use different protocols 
and bypass tor?

Thanks 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/3fc0d2cc-98ce-4b01-942a-246f6fcd1524%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Network setup - TORVM-VPNVM

2017-08-18 Thread Micah Lee

On 08/18/2017 03:43 PM, james.buttler1...@gmail.com wrote:
> Ah right ok. So I am working the wrong way around when I look at the chain? 

Think of the ProxyVMs (like sys-whonix, sys-vpn, sys-firewall, sys-net)
as being liking a router that you connect a VM to as a gateway to get
internet access.

sys-net connects to the internet through wifi or ethernet.
sys-firewall gets it's internet from sys-net.

And in your specific example:

sys-whonix gets its internet from sys-firewall.
sys-vpn gets its internet from sys-whonix.

So you might want to make an AppVM called "personal" and set sys-vpn as
its netvm. When you use the internet in that VM, all internet traffic
will come from the VPN.

You might want to make an AppVM called "captive-portal" and set
sys-firewall to be its netvm. When you use the internet there, your IP
will be your real IP address without any proxies.

For each AppVM, you get to choose which ProxyVM it gets its internet from.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/70b270e2-6096-b619-26a0-c4d4c08d2189%40micahflee.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Network setup - TORVM-VPNVM

2017-08-18 Thread james . buttler1975

Ah right ok. So I am working the wrong way around when I look at the chain? 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/e67ba230-1aca-4fae-8373-c660909c9448%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Network setup - TORVM-VPNVM

2017-08-18 Thread Sean Dilda

If you set it up as:

AppVM -> TorVM -> VpnVM -> NetVM

The VPN VM will use the Net VM to talk to the VPN server
The Tor VM will use the VPN VM to talk to the next Tor node, then to your
website
With this, the website will see you coming from a Tor exit node.


AppVM -> VpnVM -> TorVM -> NetVM

With this, the data will go through Tor to reach your VPN server, then
plain text from your VPN server to the destination web site.
With this, the website will see you coming from your VPN service, and your
VPN service will see you coming from a Tor exit node.


On Fri, Aug 18, 2017 at 3:47 PM  wrote:

> Hi thanks for the advice it seems my idea was correct then?
>
> What I can't get my head around is
>
> If I setup a whonix vm which torrifies all traffic and then set a proxy vm
> as its net vm my thinking of it
>
>
> From the data packets point of view
>
> You create a dAta packet on your app vm
> That dAta packet travels to the whonix vm which sends the packet to first
> tor node, then to the second until it gets to exit node. The exit node
> isn't my machine how does that packet then know to go to the vpn?
>
> Wouldn't the exit node have to send that packet back to my local app vm
> and then to the vpn?
>
> Meaning the exit node knows my IP and so will the vpn provider anyway?
>
> The reason I want to have vpn second is because I want the option of
> anonymity but I also don't want the end website to know I am using tor.
>
> With this in mind is there any better setup?
>
> Thanks
>
> --
> You received this message because you are subscribed to the Google Groups
> "qubes-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to qubes-users+unsubscr...@googlegroups.com.
> To post to this group, send email to qubes-users@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/qubes-users/ccd1f37e-1745-49a1-ae68-c3b5a8cba433%40googlegroups.com
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/CAKZBO19%2B-1t6%3DZiFMS%2Bwe3aE0Fvi%2BDRySfHbX6MZ29L2Vtoq3g%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Network setup - TORVM-VPNVM

2017-08-18 Thread james . buttler1975

Or maybe I understand it better now?

I'm still thinking my machine is one...
If I get my head into thinking each vm is in fact a seperate machine 

Then the packet goes 

>From app vm -> tor vm then to the proxy vm but what i don't understand is 
>though the tor exit node must need an IP address to send my packet too? Surely 
>to send the packet to my proxy vm it would need my real IP address for which 
>the proxy vm is located? 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c453a812-ed69-4de4-8499-e0c498c09735%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Network setup - TORVM-VPNVM

2017-08-18 Thread james . buttler1975

I don't mind if the isp knows I am using tor it's the website hats the problem 
since website doesn't allow tor users 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/736ac8b7-e0f0-4134-9d05-3d9712f47e85%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Network setup - TORVM-VPNVM

2017-08-18 Thread james . buttler1975

Hi thanks for the advice it seems my idea was correct then?

What I can't get my head around is 

If I setup a whonix vm which torrifies all traffic and then set a proxy vm as 
its net vm my thinking of it 


>From the data packets point of view

You create a dAta packet on your app vm
That dAta packet travels to the whonix vm which sends the packet to first tor 
node, then to the second until it gets to exit node. The exit node isn't my 
machine how does that packet then know to go to the vpn? 

Wouldn't the exit node have to send that packet back to my local app vm and 
then to the vpn? 

Meaning the exit node knows my IP and so will the vpn provider anyway? 

The reason I want to have vpn second is because I want the option of anonymity 
but I also don't want the end website to know I am using tor. 

With this in mind is there any better setup?

Thanks 

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/ccd1f37e-1745-49a1-ae68-c3b5a8cba433%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Network setup - TORVM-VPNVM

2017-08-18 Thread Micah Lee

On 08/17/2017 04:32 PM, james.buttler1...@gmail.com wrote:
> I'm just starting to use qubes os and I'm trying to understand how it all 
> works.
> 
> If I wanted to setup the system to route all my traffic through tor and then 
> that tor traffic through a vpn 
> 
> Would I simply setup a TORVM with Its netVM being the vpnvm ?
> 
> Or can a netVM not have its own netVM? 
> 
> Thanks for the help

Qubes comes with sys-whonix, which is a ProxyVM that routes traffic
through Tor. If you want to connect to Tor first, and then the VPN
second, you would make a new ProxyVM for your VPN (I'll call it sys-vpn)
and set its netvm to be sys-whonix. Then you'd create AppVMs and set
their netvm to be sys-vpn.

This way, all of the internet traffic in those AppVMs would be coming
from your VPN's IP address, but you'll be connecting to your VPN
anonymously over Tor.

If you want all your traffic to go over this VPN, then in the VM Manager
you can open Global Settings and set the default netvm to sys-vpn. (You
can of course have specific AppVMs that use sys-whonix or sys-firewall
as their netvm as well, like if you want to just use Tor, or if you want
to click through captive portals on wifi networks.)

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/0d6bb719-3e2c-d442-8a6d-105fa3115a72%40micahflee.com.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Network setup - TORVM-VPNVM

2017-08-18 Thread Kolja Weber

That way round doesent make sense from the security point of view
(besides the fact that your network will be VERY slow) its way better to
route all traffic first via VPN and then Tor (so last hop is VPN and not
Tor)

> I'm just starting to use qubes os and I'm trying to understand how it all 
> works.
>
> If I wanted to setup the system to route all my traffic through tor and then 
> that tor traffic through a vpn 
>
> Would I simply setup a TORVM with Its netVM being the vpnvm ?
>
> Or can a netVM not have its own netVM? 
>
> Thanks for the help
>

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/d02a81f9-2d28-f349-f891-df1fc38d6cf6%40frelsisbaratta.is.
For more options, visit https://groups.google.com/d/optout.

Re: [qubes-users] Network setup - TORVM-VPNVM

Re: [qubes-users] Network setup - TORVM-VPNVM

Re: [qubes-users] Network setup - TORVM-VPNVM

Re: [qubes-users] Network setup - TORVM-VPNVM

Re: [qubes-users] Network setup - TORVM-VPNVM

Re: [qubes-users] Network setup - TORVM-VPNVM

Re: [qubes-users] Network setup - TORVM-VPNVM

Re: [qubes-users] Network setup - TORVM-VPNVM

Re: [qubes-users] Network setup - TORVM-VPNVM

Re: [qubes-users] Network setup - TORVM-VPNVM

10 matches

Site Navigation

Mail list logo

Footer information