Network Obstacle

From Whonix
Jump to navigation Jump to search



Whonix ™ is a research and implementation project that is based on thousands of freely available software packages. You can learn more about the organizational structure here.

The Tor software is used to establish anonymized external connections, but the Whonix ™ project does not maintain Tor. Further, the reliance of the Whonix ™ platform on Tor does not imply developers are experts about the Tor software.

Network Obstacle Examples[edit]

Some users will experience "network obstacles" when using Whonix ™ because some internet service providers (ISPs) in various countries block (censor, prevent) access to the public Tor network. In this instance, Bridges may or may not help in circumventing Tor censorship. For example, in China the Great Firewall automatically blocks connections to Tor and it is necessary to obtain a bridge that works: [1]

  1. uses ephemeral proxies to connect to the Tor network. It's available in Tor Browser stable version (Desktop and Android). You can select Snowflake from Tor Browser's built-in bridge
  2. Private and unlisted obfs4 bridges: users will need to request a private bridge to with the phrase "private bridge" in the subject of the email or, if they are tech-savvy, they can run their own obfs4 from outside China. It's important to note that bridges distributed by BridgeDB (, email), and built-in obfs4 bridges bundled in Tor Browser most likely won't work.
  3. meek-azure: it looks like you are browsing a Microsoft website instead of using Tor. However, because it has a bandwidth limitation, this option will be quite slow. You can select meek-azure from Tor Browser's built-in bridges dropdown.

Reasonable Conclusions[edit]

When users experience connectivity issues it is unreasonable to automatically assume the Whonix ™ project is the underlying cause. Nor are Whonix ™ developers experts in resolving various network obstacles. For these reasons, the Troubleshooting page recommends:

In case of connectivity issues: Check if Tor works on the host.

If the Tor Browser Bundle is not functional on the host, then Whonix ™ is unlikely to work either. It is recommended to have a recent Tor Browser Bundle version installed at all times. This way users can test if they live in a censored area or not and whether Tor is blocked by the ISP. Further, if (private) (obfuscated) bridges are necessary for Tor Browser Bundle functionality on the host, then Whonix ™ will similarly require them.

In conclusion, if connectivity issues are experienced with Whonix ™ a sensible first step is to test Tor Browser (TB) functionality on the host. If issues persist on the host then the Tor community should be directly contacted about the issue, since the Whonix ™ platform cannot be the primary source of the problem. In this case it is useful to make a copy of Tor to help identify the cause of the problem. [2]

Tor Browser[edit]

Info Tip.

It is recommended to always have the latest Tor Browser (TB) (.onion)onion installed outside of Whonix ™.

  • Non-Qubes-Whonix ™ users: It is recommended to always have TBB installed on the host operating system (OS).
  • Qubes-Whonix ™ users: It is recommended to always have TBB installed in a non-Whonix ™ Template, like (preferably) Debian, Fedora.

Refer to the Non-Whonix ™ Tor Browser chapter for TB installation instructions on all platforms. TBB is useful to test whether or not:

  • The user lives in a censored area.
  • Tor is blocked by the Internet Service Provider (ISP).
  • (Private) (obfuscated) bridges will be needed for operation of Tor Browser in Whonix ™, see Bridges.

If TB fails to properly connect to Tor on the host OS or from a non-Whonix ™ App Qube in Qubes, then Tor Browser inside Whonix ™ will similarly fail to work. Another benefit of installing TB in this fashion is that if Tor Browser unexpectedly stops running in Whonix ™, then Tor Browser can still be independently used to visit the Whonix ™ website for a solution to this issue.

For better security and privacy, users should read and follow the advice in the Tor Browser chapter.

See Also[edit]


  2. For example, if logs indicate a connection cannot be made to the Tor guard relay, this may suggest the network is censored.