option to allow local area network traffic when using wireguard

Amebis / eduVPN

Windows eduVPN Client

GNU General Public License v3.0

39 stars 17 forks source link

option to allow local area network traffic when using wireguard #226

Closed borenius-dfn-de closed 6 months ago

borenius-dfn-de commented 7 months ago

By default the wireguard client seems to block traffic to the local area network which inhibits people from using their local network resources while being connected to the VPN.

Something like the "Block untunneled traffic (kill-switch)" in the Wireguard client from wireguard.com would be nice.

rozmansi commented 6 months ago

Sorry for a late reply.

Blocking the local traffic (or not blocking the local traffic) can be configured on the eduVPN server in the profile configuration.

Namely: VPN server admin/your institution chooses this. If they do so by their policy and their security concerns, VPN client must obey that. Please, consult your institution if they could reconsider their policy or provide additional profile that could allow local traffic too.

borenius-dfn-de commented 6 months ago

Thanks for the reply! I wasn't successful in finding any information on that. There is the 'oBlockLan' but the comment says "OpenVPN Only". And searching through the source code does not reveal any wBlockLan parameter. The work around for us at the moment is

'defaultGateway' => false, 'routeList' => [ '0.0.0.0/1', '128.0.0.0/1', '::/1', '8000::/1' ],

Works for us, but looks ugly to me ;-)