search

AdguardTeam / AdguardForiOS

The most advanced ad blocker for iOS
https://adguard.com/
GNU General Public License v3.0
1.4k stars 201 forks source link

DNS protection fails to restart automatically after connecting to 3rd party VPN #1686

Open gabrielwhite opened 3 years ago

gabrielwhite commented 3 years ago

Issue Details

Expected Behavior

I'm using Adguard Pro on iOS. I use "DNS protection" through the VPN. I have a rule that the VPN shouldn't be enabled when I'm on my home network.

  1. Enable DNS protection
  2. Set rule that "home" network shouldn't be used for DNS protection
  3. Connect to "non-home" network
  4. See that DNS protection VPN is enabled automatically
  5. Connect to third party VPN (e.g. NordVPN)
  6. See that AdGuard VPN is disabled automatically
  7. Disconnect from third party VPN
  8. See that AdGuard DNS protection VPN has reconnected automatically

In summary: I would expect my DNS protection settings to be maintained after connecting / disconnecting from a third party VPN, so that DNS protection automatically restarts (according to my rules) immediately after I disconnect from the third party VPN.

This is a security / privacy issue as it's easy for the user to forget to re-enable the protection after using a 3rd party VPN.

Actual Behavior

  1. Connect to "non-home" network (see note above)
  2. See that DNS protection VPN is enabled
  3. Connect to third party VPN (e.g. NordVPN)
  4. See that AdGuard VPN is disabled automatically
  5. Disconnect from third party VPN
  6. Open AdGuard and see that DNS protection has automatically been disabled
  7. Re-enable DNS protection manually to restart VPN

OR

  1. Connect to "home" network (see note above)
  2. See that DNS protection VPN is disabled (per rule)
  3. Connect to third party VPN (e.g. NordVPN)
  4. See that AdGuard VPN is disabled automatically
  5. Disconnect from third party VPN
  6. Connect to "non-home" network
  7. Open AdGuard and see that DNS protection has previously been disabled
  8. Re-enable DNS protection manually to restart VPN
zzebrum commented 3 years ago

@gabrielwhite each VPN profile (system settings - VPN) has a param called 'Connect on demand'. It is basically an auto-connect you want to have. So, the first scenario you've described seems to be correct, step 8 would be - When any of your application attempts to use the network, the VPN will connect automatically (on demand). The second scenario though is problematic because on step 6 when you connecting to the "non-home" network, a VPN should be connected on-demand.

gabrielwhite commented 3 years ago

@zzebrum thanks for your reply - I'm not clear on whether you're saying this problem is unsolvable for technical reasons, or whether you're confirming my issue.

In summary my issue is this: I use multiple VPNs (AdGuard when I'm outside my home WiFi, NordVPN ad-hoc as needed both at home and outside), and AdGuard loses its settings (DNS protection) every time I use NordVPN - either when I'm at home or outside my home WiFi.

Is there a way for AdGuard to re-enable itself automatically after I use NordVPN?

zzebrum commented 3 years ago

@gabrielwhite please, go to system settings - VPN, tap on the info sign on the right side of ADGuard VPN profile and check that 'Connect on demand' option is turned on.

gabrielwhite commented 3 years ago

Just to be clear:

Here's the sequence of steps:

  1. Turn on AdGuard DNS protection
  2. See that DNS protection is enabled / AdGuard VPN is enabled
  3. Connect NordVPN
  4. See that NordVPN is connected
  5. See that both AdGuard Pro and NordVPN are "Connect on Demand"
  6. Open AdGuard Pro app and see that DNS protection has been turned off automatically
  7. Disconnect NordVPN
  8. See that DNS protection is still off, and AdGuard is still set to "Connect automatically"

The end result is that AdGuard fails to reactivate automatically as I would expect.

I hope that's clearer?

zzebrum commented 3 years ago

@gabrielwhite I'm very sorry for the late reply! What protocol and auto-connect option at Nord VPN do you use?

gabrielwhite commented 3 years ago

@zzebrum Thanks for following up.

I have NordVPN on NordLynx.

I don't have any "connect on demand" rules in the NordVPN app - I suspect it just says "Connect on demand" against the NordVPN VPN config in the Settings app so that the NordVPN app itself can "demand" the connection. Or am I misunderstanding how it works?

stale[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] commented 1 year ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.