Split tunneling per program #323
Comments
|
Hi,
On Wed, Nov 27, 2019 at 08:29:33AM -0800, azumukupoe wrote:
I'd like to bypass VPN connection for certain programs.
Not possible on Windows, and not a question for the *GUI* part anyway.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
|
|
it is possible for some extent in Windows. for example, Remote Desktop IP Virtualization every RDP user can use his own IP. However, such mode requires some investigation how it will interoperate with TAP (or, nowdays, WinTun) adapters. And how routing table will be constructed |
|
Hi,
On Wed, Nov 27, 2019 at 09:27:09AM -0800, Ilya Shipitsin wrote:
it is possible for some extent in Windows.
for example, Remote Desktop IP Virtualization
http://www.virtualizationblog.com/why-we-need-remote-desktop-services-ip-virtualization/
every RDP user can use his own IP. However, such mode requires some investigation how it will interoperate with TAP (or, nowdays, WinTun) adapters. And how routing table will be constructed
Distinct IP addresses do not make per-application VPN rules, unless
you force the application to use specific IP addresses (only) and
construct proper source-dependent IP addresses.
gert
…--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
|
However hide.me and AmanVPN have working applications split tunneling feature on Windows. |
|
Hi,
On Sat, Dec 03, 2022 at 07:01:10AM -0800, Roman ???????????????? wrote:
> Not possible on Windows
However hide.me and AmanVPN have working **applications split tunneling** feature on Windows.
Well, in that case the original statement needs to be rephrased to
"we don't know how they do that, and nobody has written code for
OpenVPN yet to do that".
gert
…--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany ***@***.***
|
|
I found out that Windscribe can do "per application split tunneling" with user's openvpn configs. I feed him some random ovpn config from vpngate and Windscribe (current is 2.5.17) connected successfully and splitting works. Also there is Wireguard realization of split tunneling in project https://github.com/TunnlTo/desktop-app |
|
They are probably using a custom callout driver for the Windows Filtering Platform to do bind redirection as described here: As filtering using WFP would require privileged access, this may have to go in to a service running as SYSTEM (preferably a new service) that the GUI can interact with. Direct hooking to or from OpenVPN core would not be required. |
|
Proton VPN desktop client for Windows has this feature and it works like a charm. Here is the link to their repo: https://github.com/ProtonVPN/win-app. I hope someday someone could bring this feature to OpenVPN client. |
|
In the proton VPN repository, there's and the whole thing is GPL-3 - so if someone has time and energy, this would certainly be an interesting read. |
I'd like to bypass VPN connection for certain programs.
The text was updated successfully, but these errors were encountered: