On Tue, 08 Oct 2013 01:20:36 +0000 mirimir <mirimir@xxxxxxxxxx> allegedly wrote: > On 10/06/2013 10:32 AM, mick wrote: > >> > > Forgive me, I'm not sure I understand this. Could you elaborate > > please on the nesting of the VPN tunnels with Tor? Since Tor does > > not (currently) support UDP, what architectural model do you have > > in mind? (e.g. openVPN tunnelled through openVPN to a Tor guard > > entry?) > > Yes, Tor supports only TCP. But OpenVPN can optionally use TCP, and > once the VPN tunnel is established, it supports both TCP and UDP > traffic. It's easy to tunnel a VPN through Tor using Whonix in > VirtualBox. First get a free SecurityKISS account. Then install > network-manager-openvpn on the Whonix workstation, and configure > Network Manager for SecurityKISS in TCP mode. By default, Whonix will > use the transproxy port for OpenVPN. Once the VPN tunnel is up, you > can use both TCP and UDP with remote sites. However, you can't access > hidden services, for obvious reasons. > > You can also run an OpenVPN server in TCP mode as a Tor hidden > service. You install the server on the Whonix workstation, and > configure torrc on the Whonix gateway. Alternatively, you can use > ra's Tor gateway, which is an OpenWRT VM with a Tor client and DHCP > server, plus a Debian VM for the OpenVPN server. > > More generally, you can use multiple pfSense router/firewall VMs as > clients for various VPN providers, and OpenWRT Tor gateway VMs. > Internet traffic routing reflects the local routing of gateway VMs. > Mirimir Thank you for taking the time to reply. I haven't used whonix so far, but now I think I'll have a play to make sure I can get it set up properly. Best Mick --------------------------------------------------------------------- Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net ---------------------------------------------------------------------
Attachment:
signature.asc
Description: PGP signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk