1

I'd like to use OpenVPN inside Whonix Workstation so need to open 1194 port.

I was trying to add some lines to iptables and still failing. How can I do it and then check it, for example with nmap scanning localhost?

roaima
  • 107,089
  • 14
  • 139
  • 261
user198662
  • 21
  • 1
  • 1
    Please include the output of `iptables nvL` in your question. (Don't forget to format the lines by selecting the block and using `{}` in the menu bar.) – roaima Nov 04 '16 at 15:13

2 Answers2

0

Whonix and open port as of Whonix 13 makes limited sense. You don't need to open a port in order to use VPN.

As for VPN usage instructions, just have a look into Whonix VPN documentation:

https://www.whonix.org/wiki/Tunnels/Introduction

adrelanos
  • 1,786
  • 7
  • 29
  • 56
  • Just now added a wiki page about opening ports: https://www.whonix.org/wiki/Ports – adrelanos Nov 04 '16 at 16:42
  • adrelanos thanks,read it and like you say – user198662 Nov 04 '16 at 19:03
  • adrelanos thanks,read it and like you say "In Whonix 14 (in development), if you want to host a Tor hidden service, you will need to open a port in Whonix-Workstation firewall" "If you really need an anonymous incoming port your primary option is Tor Hidden Services and some methods listed on Hosting Location Hidden Services" so if I see clearly,open port could be avaliable through Tor hidden service,like in my case OpenVPN HiddenServiceDir /var/lib/tor/hidden_service/ HiddenServicePort 1194 10.152.152.11:1194 or not? :) – user198662 Nov 04 '16 at 19:14
  • If you want to run OpenVPN as a server, then a hidden service can work. (Use OpenVPN TCP mode.) (And note, that only other users of Tor can connect to it.) If you want to run OpenVPN as a client, you do not need to open any ports. – adrelanos Nov 06 '16 at 00:34
0

roaima this is the default firewalls for Workstation and Gateway:

https://github.com/Whonix/whonix-ws-firewall

/etc/whonix_firewall.d/30_default.conf

/usr/bin/whonix_firewall

https://github.com/Whonix/whonix-gw-firewall

/etc/whonix_firewall.d/30_default.conf

/usr/bin/whonix_firewall

I used to use something like this:

iptables -A INPUT -p tcp --dport 1194 -j ACCEPT

adrelanos I already look around documentation and dont find answers for my questions,sorry but I do need,find out this to develop,debug,experiment,learn more saying.

If you could help,thats great,in other way Ill keep learning more. Cheers.

user198662
  • 21
  • 1