qubes whonix - Tor Control Panel says connection established but I can't browse TOR
60 views
Skip to first unread message
cub...@tutamail.com
Sep 22, 2019, 1:09:12 PM9/22/19
to Qubes Users
Hi,
I have a problem with whonix on qubes 4.0.1 - manually upgraded to whonix-15, fedora-30, kernel 4.19.
When whonix-sys networking VM is configured to my VPN VM, tor connection gets established which allows me to use TOR browser in 'anon-whonix'. Everything works fine, but... that's not the recommend way of connecting to TOR. When possible 'whonix-sys' should be set-up using ISP line directly ISP (non-VPN) so that Tor establishes the route between its 3 levels of nodes without having VPN server as a fixed entry/exit point.
And that's what I'm having a proplem with, unexpectedly. When I set up 'sys-firewall' or 'sys-net' as netVM for 'whonix-sys' I can't get 'anon-whonix' to establish Tor Browser connection, can't access any website. Even whonix-sys 'Tor Control Panel' struggles with establishing Tor connection. This is highly surprising as I don't live in a country where ISP's prevent any onion/tor traffic. It should all work fine.
I then tried playing with various clock settings on my host (dom0) to match the clock in UTC in sys-whonix (timedatectl command). Unfortunately the problem persists - I am able to connect to Tor via VPN VM but not directly via 'open' ISP sys-net or sys-firewall VM.
I have an impression the problem started after whonix upgrade to version 15 and qubes introduction of the clock-synchronisation-monitor. I might be completely wrong about it, it's just the timing of the issue coincides with the introduced qubes changes.
Does anyone had a similar problem? Or better still, does anyone know the solution and how to fix it?
Please help or point me to the right directly.
Many thanks,
cubecub
awokd
Sep 22, 2019, 1:52:29 PM9/22/19
to qubes...@googlegroups.com
cub...@tutamail.com:
> And that's what I'm having a proplem with, unexpectedly. When I set up 'sys-firewall' or 'sys-net' as netVM for 'whonix-sys' I can't get 'anon-whonix' to establish Tor Browser connection, can't access any website. Even whonix-sys 'Tor Control Panel' struggles with establishing Tor connection. This is highly surprising as I don't live in a country where ISP's prevent any onion/tor traffic. It should all work fine.
Might be https://github.com/QubesOS/qubes-issues/issues/5331. TL;DR
version, try:
qvm-features sys-whonix ipv6 ''
and restart.
--
- don't top post
Mailing list etiquette:
- trim quoted reply to only relevant portions
- when possible, copy and paste text instead of screenshots
> And that's what I'm having a proplem with, unexpectedly. When I set up 'sys-firewall' or 'sys-net' as netVM for 'whonix-sys' I can't get 'anon-whonix' to establish Tor Browser connection, can't access any website. Even whonix-sys 'Tor Control Panel' struggles with establishing Tor connection. This is highly surprising as I don't live in a country where ISP's prevent any onion/tor traffic. It should all work fine.
version, try:
qvm-features sys-whonix ipv6 ''
and restart.
--
- don't top post
Mailing list etiquette:
- trim quoted reply to only relevant portions
- when possible, copy and paste text instead of screenshots
cub...@tutamail.com
Sep 22, 2019, 4:20:07 PM9/22/19
to awokd, Qubes Users
And that's what I'm having a proplem with, unexpectedly. When I set up 'sys-firewall' or 'sys-net' as netVM for 'whonix-sys' I can't get 'anon-whonix' to establish Tor Browser connection, can't access any website. Even whonix-sys 'Tor Control Panel' struggles with establishing Tor connection. This is highly surprising as I don't live in a country where ISP's prevent any onion/tor traffic. It should all work fine.Might be https://github.com/QubesOS/qubes-issues/issues/5331. TL;DRversion, try:qvm-features sys-whonix ipv6 ''and restart.
Thanks for pointing to related link and the fix. I executed the command, rebooted and also played with changes to previous qubes-available kernel version, although all within 4.19.* range. (*43, *67, *71). Unfortunately successful connection has been made yet.
Are there more hints for potential solutions? Thanks.
--- don't top postMailing list etiquette:- trim quoted reply to only relevant portions- when possible, copy and paste text instead of screenshots
--You received this message because you are subscribed to the Google Groups "qubes-users" group.To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users...@googlegroups.com.To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ee563d2f-bf9e-7234-2e26-8cf91b664b13%40danwin1210.me.
cub...@tutamail.com
Sep 22, 2019, 4:30:37 PM9/22/19
to cub...@tutamail.com, awokd, Qubes Users
Sep 22, 2019, 22:20 by cub...@tutamail.com:
Sep 22, 2019, 19:52 by qubes...@googlegroups.com:
And that's what I'm having a proplem with, unexpectedly. When I set up 'sys-firewall' or 'sys-net' as netVM for 'whonix-sys' I can't get 'anon-whonix' to establish Tor Browser connection, can't access any website. Even whonix-sys 'Tor Control Panel' struggles with establishing Tor connection. This is highly surprising as I don't live in a country where ISP's prevent any onion/tor traffic. It should all work fine.Might be https://github.com/QubesOS/qubes-issues/issues/5331. TL;DRversion, try:qvm-features sys-whonix ipv6 ''and restart.
Thanks for pointing to related link and the fix. I executed the command, rebooted and also played with changes to previous qubes-available kernel version, although all within 4.19.* range. (*43, *67, *71). Unfortunately successful connection has been made yet.Are there more hints for potential solutions? Thanks.
I've just noticed that even though "Tor Control Panel" shows 'Connected to Tor network', when I check the status of the 'Time Synchronization Monitor' widget it's stuck on:
"Last message from sys-whonix sdwdate: Initial time fetching in progress..."
for both whonix-sys and anon-whonix VM's.
Strangely, the status doesn't get resolved.
And as I mentioned the Tor-Control-Panel continues showing as "connected to Tor network".
Such observation suggests there might be a problem with the TIme-Synchronisation-Monitor, or should I say, with sys-whonix obtaining valid timestamp in order to get started.
Hopefully this additional comment would help someone with suggesting a solution.
Thank you.
--- don't top postMailing list etiquette:- trim quoted reply to only relevant portions- when possible, copy and paste text instead of screenshots
--You received this message because you are subscribed to the Google Groups "qubes-users" group.To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users...@googlegroups.com.To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ee563d2f-bf9e-7234-2e26-8cf91b664b13%40danwin1210.me.
--You received this message because you are subscribed to the Google Groups "qubes-users" group.To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/LpPcOeE--3-1%40tutamail.com.
Reply all
Reply to author
Forward
0 new messages