How do I connect a vm to 911 proxy if possible? Any help is appreciated
I am not familiar with 911 proxy but the standard way to connect a VM to a proxy is to create a separate “proxyVM”.
For example, you might install the proxy software in a VM called “911-proxy” and in the proxxyVM Qubes Manager settings → advanced tab, enable “provides network” checkbox. In the basic tab, choose “sys-firewall” for the netVM.
Your application VM (ex. the VM running your browser or messenger) would use the 911-proxy VM as a netVM (in application VM Qubes Manager settings → basic tab).
The final result:
appVM -> proxyVM -> sys-firewall -> sys-net
(each VM on the right “provides network” for the VM on the left. Each VM on the left has the VM on the right selected as its netVM)
The above approach works with various proxies (OpenVPN, Wireguard, Socks5, Tor, etc). I assume it will work with 911 proxy. Just make sure that 911 proxy is available on Linux. You don’t want to rely on a Windows VM for network privacy.
1 Like
Would I not able to use the browser or messenger inside the 911 proxy vm? Why would I need to make an extra app vm and connect that one to the 911 proxy? My ideal setup is 911-proxyvm->nord-vpnvm->whonix-gw->sys-firewall->sys-net
Also I know there are lots of guides downloading and setting up nord or mullad vpn and different types of proxies but I’m confused on how these softwares download and setup from web to vm. I know the steps and how to do them but I don’t really understand what I’m doing or how. Some type of explanation would be appreciated!
Ideally, you want to compartmentalize different apps and proxy services in separate VMs to mitigate potential compromises and reduce the risk of leakage.
Create a separate VM for your NordVPN app and a separate VM for your 911 proxy. Add a firewall between your VPN and Tor gateway. Also a firewall between your workstation app (browser/messenger, etc) and your first internal proxy. For example:
browserVM -> app-firewall -> 911-VM -> NordVPN -> vpn-firewall -> whonix-gw -> sys-firewall -> sys-net
However, unless you have very specific reasons to place a whonix-gw in front of your VPN, you are generally better positioning your VPN in front of your Tor gateway. Something like:
browserVM -> app-firewall -> whonix-gw -> tor-firewall -> NordVPN -> 911-VM -> sys-firewall -> sys-net
or better…
anon-whonix (browser) -> whonix-gw -> tor-firewall -> NordVPN -> 911-VM -> sys-firewall -> sys-net
or just plain old Tor is likely your best bet.
anon-whonix (browser) > whonix-gw -> sys-firewall -> sys-net
Just keep in mind that Tor is TCP-only via port 443, so make sure your VPN is configured for TCP/443.
The additional firewalls can be clones of your system firewall. No additional configuration is needed.
When it comes to installing software, you need to decide what kind of VMs you want. Standalone VMs can be based on a template that has preinstalled software and/or you can install/update software in the standalone as you would any normal installation of a distro. If you have a VM based on a template (an “appVM”), then you install/update software in the template and run the software in the appVM. Never run software in a template. If you want disposable VMs you also install/update inside the templates.
1 Like
Thanks for the info! I’ll try it out.