Qubes 4.0-rc2 networking issues

[JPL]

I just installed RC2 for the first time, ticking the 'enable Tor' box corresponding to the Whonix template. After booting and connecting to WiFi I was surprised to note that the Whonix Gateway started with the 'connecting to Tor' dialog when I started the Fedora-25 template to update it. So it seems everything was being routed through Tor even though I was not using Whonix.

I tried changing the networking options in the sys-net and firewall VMs but that simply dropped the connection. I then tried to reset again and got an error message saying the VM settings could not be changed.

Can someone tell me the default settings for the sys-net and firewall VMs? I only want Whonix to route through Tor. Hopefully I wont have to reinstall it again. Thanks.

[iry]

JPL:

> I just installed RC2 for the first time, ticking the 'enable Tor' box
corresponding to the Whonix template. After booting and connecting to
WiFi I was surprised to note that the Whonix Gateway started with the
'connecting to Tor' dialog when I started the Fedora-25 template to
update it. So it seems everything was being routed through Tor even
though I was not using Whonix.
>

Hi JPL!

How about trying this:

On the Qubes VM Manager find Fedora-25 template -> right click on that
and select VM settings -> Change the NetVM from sys-whonix (or any other
Whonix-gateway VM) to sys-firewall -> click OK

[JPL]

I must have done something else because I got error messages when I tried to reset the firewall and sys-net VMs, so rather than spending any more time fiddling around I reinstalled and was more careful about the boxes I checked.

While it's a good idea to have the option of seting update through Tor by default I think it could be better explained in the installer, and the checkbox shouldn't be positioned as a subset of the Whonix option but should instead be set away from the template VM options.

[Yuraeitha]

Templates don't have Net-VM's in Qubes 4. All updates are run over the Qubes-tools, and are no longer networked. So templates should be without networking. To my understanding, it goes for Fedora/Debian/Whonix-ws/whonix-gw.

As for the system updates over TOR, Are you sure sys-whonix wasn't started automatically at boot? Try check the sys-whonix VM-setting, or try reboot to confirm. Or run an online IP-check to see if system updates are tied to the Tor network.

But yeah, it would be nice to know how we change this setting that enables or disables system updates over the TOR network, in Qubes 4 after initial configuration setup. It's not found in the Qubes Global Settings, where it used to be when it was tied to the 3.2 Qubes Manager. So we need some documentation on where to find it in Qubes 4.

Though I do believe it's fairly written in the Qubes Configuration setup? I don't recall the exact words, so I don't know if they can easily be misunderstood, overlooked, or not. Though I've made the mistake my self to too quickly move on, and later regretting not more carefully picking one of these initial configurations. So it's definitely relateable.