Notice: TOR Does NOT Automatically Connect Through VPN

Well this is a bit of a strange issue, I use a VPN service and never have bothered running TOR on it as I have no need. Out of boredom today I tried it and here's the situation. I have my Comodo Firewall set to block internet access to certain software in the case my VPN disconnects. This has been tried and true dozens of times and has NEVER caused me any problems.

But when I attempted to set this settings to the Browser Bundle, I was unable to connect. But if I removed the "VPN Only" rules on the firewall it would connect no problem. This leads me to believe that TOR is NOT routed through the VPN.

I use Open VPN for my service, anyone know any way to force it to run through the VPN? Because it seems to go around it.

I figured I'd better post this on Wilders as many people in the past have just stated to run it after connecting to your VPN. Which obviously is NOT the case.

 

You should be able to run Tor after connecting to your VPN with no problem. Perhaps your firewall rules just need some adjusting. In particular, Tor and its components need access to the loopback zone on the local network in order to function correctly. Try this rule set instead:

tbb-firefox.exe

• Allow TCP Out From MAC Any To IP 127.0.0.1 Where Source Port Is Any And Destination Port Is Any

tor.exe

• Allow TCP Out From [VPN Only] To MAC Any Where Source Port Is Any And Destination Port Is Any
• Allow TCP Out From MAC Any To IP 127.0.0.1 Where Source Port Is Any And Destination Port Is Any

vidalia.exe

• Allow TCP Out From MAC Any To IP 127.0.0.1 Where Source Port Is Any And Destination Port Is 9051

Don't worry about those "MAC Any" connections to 127.0.0.1 - that IP address only exists on the local machine, so it is safe (and necessary). The actual connections to external internet addresses are handled exclusively by the "tor.exe" application. By implementing that first rule for tor.exe, you are effectively binding the connection to your VPN zone, so there won't be any leaks.

 

Casper would you mind going over a small tutorial on how to do that? My selections in Comodo look nothing like what you've written there so I'm obviously doing something wrong. Not sure how to implement the MAC any rule even.

Any help would be appreciated.

 

There's probably more than one way to do it. What I usually do is just create rules on the fly, meaning I allow (or block) whatever the application is asking for, and then fine-tune the rules to be more specific (if necessary).

Not really sure if I can explain it any better, but I'll try posting some screen shots.

Firewall Behavior Settings

General Settings

Firewall Security Level = Custom Policy
Create rules for safe applications = Checked​

Alert Settings

Alert Frequency Level = "Very High"​

Network Security Policy

Application Rules (Summary):



Example Rule #1 for tor.exe:
Allow TCP Out From [IP range or network zone for VPN] To MAC Any Where Source Port Is Any And Destination Port Is Any



Example Rule #2 for tor.exe:
Allow TCP Out From MAC Any To IP 127.0.0.1 Where Source Port Is Any And Destination Port Is Any

​

 

Wow Casper that is more than I could have asked for! Thank you!

 

also
thanx
Popcorn