Unable to access intra website by adding it to exclusions list + add the browser to Split tunneling

AdguardTeam / VpnLibs

Open bug tracker for AdGuard VPN core library

6 stars 0 forks source link

Unable to access intra website by adding it to exclusions list + add the browser to Split tunneling #17

Closed MoienBowen closed 1 year ago

MoienBowen commented 2 years ago

Issue Details

AdGuard VPN version: 1.1.0.167 release for macOS
VPN mode: Regular mode on macOS
Device: MacBook Pro (14-inch, 2021)
Operating system and version: macOS 12.3

Expected Behavior

We have a intranet website abc.com which can be only accessed with our intranet. I added the website into exclusions list and FireFox into split tunneling. With the VPN turned on, I should be able to access abc.com with FireFox.

Actual Behavior

Unable to access with VPN turned on.

ameshkov commented 2 years ago

There's a chance that the problem is that you need to use your intranet's DNS service to access that website.

ameshkov commented 2 years ago

@sfionov what do you think, should we consider adding a logic that uses system DNS for excluded domains?

MoienBowen commented 2 years ago

There's a chance that the problem is that you need to use your intranet's DNS service to access that website.

I can confirm that it does require the intranet's DNS. However, the current public version has no DNS setting, and in the 1.2.0.180 nightly version, even I set the System default option for DNS servers, I am still unable to access those intranet website. (I am connected to our intranet WiFi).

ameshkov commented 2 years ago

Well, "System default" is a bug, should be simply "Default", this is rather strange for a VPN service to rely on your ISP's DNS.

I think we should make an exception for "excluded" domains or at least and route them to the system default.

You can try setting your intranet DNS manually there, though.

maxikuzmin commented 2 years ago

@n00d1e5 please tell me if the question is still actual?

maxikuzmin commented 2 years ago

@n00d1e5 ping

MoienBowen commented 2 years ago

@n00d1e5 please tell me if the question is still actual?

Yes... The current version is 1.2.3.203 for macOS, I set Firefox for Split tunneling and xxx website (which has particular DNS requirement) in Exclusions. And I cannot access to the website once Adguard VPN is activated.

sfionov commented 2 years ago

@ameshkov

what do you think, should we consider adding a logic that uses system DNS for excluded domains?

Yes, that's possible. However, additional logic will be needed in DnsLibs to bypass outbound proxy for fallbacks-exclusions.