Vpn_relay

YhueJie · November 1, 2025, 10:24am

Hello Community, I have issue with configuring my qubes to relay through my VPN.

I cloned the sys-firewall and have the cloned one connected to Whonix, it worked as expected without having VPN turned-on in my worker-qube that is connected to the cloned sys-firewall, when I enable vpn on the worker-qube, it all stop working.

What could be the issue?

KitsuneNoBaka · November 1, 2025, 11:16am

Maybe this vpn don’t like to be connected from TOR?
Or maybe, because TOR network is slow it timeout, just?
I’ve tried and I can’t connect to VPN over TOR. But I can connect to TOR over VPN no problem.

YhueJie · November 1, 2025, 11:23am

I’m not connecting to VPN over Tor,

→ VPN → SYS-FIREWALL → TOR → INTERNET

It worked when I have this setup:
→ SYS-FIREWALL → TOR → INTERNET

KitsuneNoBaka · November 1, 2025, 11:26am

??? Your own text and your own diagram say so.
First to the internet is connected whonix - your’e inside tor network.
Then, over the tor connection you connecting to vpn.
And then you connecting your last qube to vpn network.

YhueJie · November 1, 2025, 11:28am

Yes, that’s the setup. My ISP only see’s VPN connection

KitsuneNoBaka · November 1, 2025, 11:30am

No. Your ISP sees only connection to TOR relay.

YhueJie · November 1, 2025, 11:43am

I don’t think you understand what I’m saying.

this is my qube AppVm

[enabled VPN] → [connected to] sys-firewall → [sys-firewall connected to] sys-net

the above setup shows to my ISP I’m connected to a VPN, so how does below configuration tells my ISP I’m connected to tor?

[enabled VPN] → [connected to] cloned-sys-firewall → [cloned-sys-firewall connected to] sys-whonix

KitsuneNoBaka · November 1, 2025, 11:49am

Yes.

So Whonix is conected to internet. This is connection to TOR network.

Cloned sys-firewal is connected to whonix. So firewall is connected to TOR.

vpn is connected to cloned firewal. So vpn is trying to connect to vpn server over TOR network.

Clearer I can’t say.

YhueJie · November 1, 2025, 11:53am

I can sense the idea you insinuating, since I have cloned-sys-firewall connected to TOR, my vpn connections happens after I’m connected to TOR which is like this:

→ TOR → VPN ?

this is bad, and not the intended setup, how can i go about this?

I’m using ProtonVpn

KitsuneNoBaka · November 1, 2025, 12:00pm

You shows this diagram (and in text you said so):
Internet/ISP - whonix - firewall - VPN

You say that it’s not the case and then you shows that it’s the case.
You shows and texts that you are connecting to VPN over TOR and then you say that it’s not.
EOT

YhueJie · November 1, 2025, 12:03pm

You are a bit confusing, what is the proper method to achieve the desire setup?