DaHai8
Posts: 55
Joined: Fri Jul 31, 2015 9:21 am

VPN Server as Tor Router?

Fri Mar 31, 2017 4:25 am

I have a Raspberry Pi VPN Server setup and running great in my home. I connect to it when I'm out and about on open WiFi networks.
Now, on that same Pi, I'd like to run a Tor router and have all the data that the VPN Server forwards out to the Internet to instead go through the Tor Router.
I can't figure out how to: Tell the VPN Server to route its output to Tor, or if even that's the correct way to do it.
Maybe setup the Tor Router on a Virtual IP and route the VPN output to that IP?
Not sure I know what I'm talking about.
Any suggestions?

Thanks.

DaHai8
Posts: 55
Joined: Fri Jul 31, 2015 9:21 am

Re: VPN Server as Tor Router?

Mon Apr 03, 2017 12:05 pm

So I set up an Virtual IP such that eth0.0 router is eth0

nano /etc/network/interfaces

Code: Select all

iface eth0 inet manual

auto eth0.0
iface eth0.0 inet manual
    vlan-raw-device eth0
nano /etc/dhcpcd.conf

Code: Select all

interface eth0
  static ip_address=192.168.3.50/24
  static routers=192.168.3.3
  static domain_name_servers=8.8.8.8 8.8.4.4

interface eth0.0
  static ip_address=192.168.3.51/24
  static routers=192.168.3.50
  static domain_name_servers=8.8.8.8 8.8.4.4
Then set up OpenVPN
nano /etc/openvpn/server.conf

Code: Select all

local 192.168.3.51
dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/TestPortal.crt
key /etc/openvpn/easy-rsa/keys/TestPortal.key
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig 10.8.0.1 10.8.0.2
push "route 10.8.0.1 255.255.255.255"
push "route 10.8.0.0 255.255.255.0"
push "route 192.168.3.51 255.255.255.0"
push "dhcp-option DNS 8.8.8.8"
push "redirect-gateway def1"
client-to-client
duplicate-cn
keepalive 10 120
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
comp-lzo
persist-key
persist-tun
user nobody
group nogroup
cipher AES-128-CBC
log /var/log/openvpn.log
status /var/log/openvpn-status.log 20
verb 1
And I set up Tor
nano /etc/tor/torrc

Code: Select all

Log notice file /var/log/tor/notices.log
VirtualAddrNetworkIPv4 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort 192.168.3.50:9040
DNSPort 192.168.3.50:5353
And then set the iptable filters

Code: Select all

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to-source 192.168.3.51
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 22 -j REDIRECT --to-ports 22
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 53 -j REDIRECT --to-ports 5353
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 5353 -j REDIRECT --to-ports 5353
iptables -t nat -A PREROUTING -i eth0 -p tcp --syn -j REDIRECT --to-ports 9040
And reboot
On 192.168.3.51 via ssh:
curl whatsmyip.co => my external IP address
curl --socks 127.0.0.1:9050 whatsmyip.co ==> some random IP address (shows that Tor works through socks)

However, connecting to the OpenVPN server on 192.168.3.51 and going to whatsmyip.co ==> my external IP address and not some random Tor one

So, for some reason, the output of the VPN Server on 192.168.3.51 is not going to 192.168.3.50 and being picked up by Tor Anonymized.

Any ideas where to check/change/test?

Thanks.

freccia
Posts: 1
Joined: Tue Apr 11, 2017 3:20 pm

Re: VPN Server as Tor Router?

Tue Apr 11, 2017 3:22 pm

Hi, I have exactly the same issue.
Have you found a solution?

freccia

Heehaw22
Posts: 1
Joined: Tue Jul 24, 2018 9:51 am

Re: VPN Server as Tor Router?

Tue Jul 24, 2018 9:59 am

I believe you would another embedded device such that as raspberry PI. If you’re not a fan of having emdedded devices lying around then you probably need to set up the OVPN/TOR from a usb or say if your on a local network- adherently moved somewhere along your network where it can be genuinely and genetically controlled

Return to “Advanced users”