I use a VPN service which is capable of multihop. When I connect to the internet using my vpn in multihop mode I sometime access my gmail account. When I check the log of ips that have accessed my account, gmail is appearing to list my entry node as the point of access although it has the ip of the exit node in the log. Checking whatismyipaddress or a dns entropy test all point to the exit node. How is it gmail is listing the entry node geographical region in the log ?
I'm not saying this is your problem, but your post made me recall the "traceroute over existing TCP connections" technique. I don't know if any of the web based "what is my ip address" and/or traceroute tools provide such a test. However, you'll find some related info if you search for: (0trace OR intrace) AND tcp Edit: On second thought, I'm thinking that *shouldn't* be a potential explanation. Once a packet enters the tunnel at the exit node it should simply flow through to the client without any intermediate nodes inspecting TTL, right? I'll leave this comment here in case one of the more VPN savvy members have something to add or correct.
Also, you need to check the VPN configuration because if THEY control the circuit construction maybe they did a bad job. I too use multi hop but I control the circuit and in fact the VPN's are each in different virtual machines. Hope this makes some sense? Most "homeowner level" vpn multi routes are less than what you can create on your own. But again most don't need professional stealth circuits. Please don't take this wrong but using a REAL NAME account log in would make use of this circuit invalid for anonymous activity in the future. You may not need anonymity. Just wanted to point out the obvious - now the exit IP is related to your real name.