Providing network in Qubes Vm´s - Qubes starter

Hello, I have started with qubes OS and after the installation I want to use Tor over a whonix VM. So I logged in my wifi router, but I don´t understand how I can route the internet connection from my firewall VM to the whonix VM. When I try to eddit my sys-firewall I only get the error message “Firewall has been modified manually - please use qvm-firewall for any further configuration.”. I have read the firewall and network documentation but that does not help.

I still couldn’t get it, ideally that you doesn’t need to configure anything. Simply configure your NetVM to sys-whonix is mean that you already use tor connection.

Normally that without configure anything,

Internet >< sys-net >< sys-firewall >< sys-whonix

Then tell your AppVM to use sys-whonix for internet, example :

qvm-prefs personal netvm sys-whonix

The route is > Internet >< sys-net >< sys-firewall >< sys-whonix >< personal

1 Like

thanks for your reply,
I typed your code “qvm-prefs personal netvm sys-whonix”
in the xfce terminal of my whonix workstation but I only get the responce that the command wasn`t found.

no you must run it in dom0, if you want personal vm using sys-whonx, run code above then try access check.torproject.org, if succed try changing personal vm back to use sys-firewall by issuing command in dom0 with qvm-prefs personal netm sys-firewall

1 Like

O.K. I have typed now the code in
system tools > Xfce Terminal
but when I try to use my “personal” VM, I can´t loading a page. I created a new VM, named it “Whonix_workstation”, it´s a whonix-gw-15. What I have to do to have the possibility to use the Tor browser in my VM? I have a Librem 14 btw. The clock in my Bios and in Qubes does´nt show the right time. Thanks for any help.

whonix-gw-15 is a template, for tor network inside whonix template, you should run sys-whonix which is appvm, sys-whonix would run tor, then you can use any appvm to use sys-whonix as tor network. by running qvm-prefs personal netvm sys-whonix as example

sorry i made a mistake here. it should qvm-prefs personal netvm sys-firewall

If personal vm can’t have a network, which use sys-firewall as networking, then the problem is in your sys-net.

1 Like

Thanks for your reply,

I exported some screenshots from my laptop to show exactly what I do.
(it´s a Librem 14 btw.)

At first I opened this console

Now I typed your command in to the console

after that I tried to start the browser in the VM

As this doesn`t work I tried it with sys-whonix like you had described but with the same results.
6

Should I reinstall Qubes? There no important data for me.
I getting notificated about template updates, how you can see in the second screenshot in the right corner below this text, but I have the wrong Date/Time in my OS and also in my BIOS.

@Amadeus Did you try to browse with Tor Browser in the anon-whonix VM? anon-whonix is the default VM that connects to sys-whonix. Once you get Tor connected with sys-whonix and anon-whonix connected via sys-whonix, then you can play with connecting other VMs to sys-whonix.

Just keep in mind that the whonix workstation (anon-whonix) and gateway (sys-whonix) are meant to work together for the greatest privacy/security. Non-whonix VMs like “personal” won’t give you the same level of privacy/security when connected to a whonix gateway.

1 Like

This is bootstrap phase, did it load 100% after some time?


I understand after quitely thinking about your architecture.

So what you are trying is doubled the tor network by adding 1 tor qube right, if that’s the case why not just clone sys-whonix? then configure sys-whonix-clone to use sys-whonix netvm.


looks like there’s a network problem in your sys-firewall / sys-net, make sure that internet is worked.

1 Like

My OS is connected to my router but I think there is a problem with my bios clock.

but as I asked in the purism forum how I can change the clock time , they told me I have to connect the laptop with a internet connection.

Your date is off by more than a year!

Tor is sensitive to date and time.

Make sure the ClockVM in Qubes Global Settings is set to sys-firewall. Tor will not work without accurate time.

Until date within your ClockVM reveals the right date, don’t start any other qubes. Once the date is correct, in dom0 run sudo qvm-sync-clock to force an update. Now that dom0 is correct, newly instantiated qubes should have the right date.

1 Like