My needs are complete anonymity. But I’m not sure If it’s overboard what I have in mind or if this solution makes sense?
As above in the title, I’m looking to create a connection that will take an appVM connection to a openVPN VPS tunneled to another openvpn VPS and finally over TOR network.
Before you continue I send you 2 useful links in case you didn’t take a look :
Be careful about what to put first.
Based on your question and my understanding of your schematic, it’s possible, you have to create two Qubes. (1)
appvm use sys-vpn1 as net qube (One VPN link)
sys-vpn1 use sys-vpn2 as net qube (Second VPN link)
sys-vpn2 use sys-whonix as net qube
You will have vpn 1 tunnel in vpn 2 tunnel in tor tunnel so the last IP will be from vpn 1 from a web server perspective for example.
First you will have Tor connection, inside that tunnel you connect to vps 2 and inside that tunnel you connect to vps 1.
Is it what you want ?
IMHO it’s not efficient because you will loose a lot of speed and performance (and what about privacy ?). I am not a network expert, but I think there would be a lot of fragmentation in this configuration.
If you can administrate vps1 and 2, perhaps it would be better to redirect from vps1 to vp2 directly the traffic. And then from vps 2 to tor network.
It’s a bit like secure core of protonvpn :
To have Tor IP in last hop you have to reverse (1).
appvm use sys-whonix as net qube
sys-whonix use sys-vpn2 as net qube
sys-vpn2 use sys-vpn1 as net qube
Your tor tunnel go through vpn2 and vpn2 go through vpn1 so tor go through vpn1 and vpn2.