Open h4ckemc2 opened 3 years ago
mateusz-markowicz
commented
3 years ago Hey, thanks for the report. We have a setting for bypassing VPN for local connections but only for OpenVPN at this moment. You need to disable Smart Protocol in settings, choose OpenVPN and set "Allow LAN connections".
cyclinggeorgian
commented
3 years ago Hey, thanks for the report. We have a setting for bypassing VPN for local connections but only for OpenVPN at this moment. You need to disable Smart Protocol in settings, choose OpenVPN and set "Allow LAN connections".
Hey Mateusz, indeed there is such an option and it works wonderfully. Although not when "Always on kill switch" is enabled too. And that switch, for me at least, is of paramount importance. I want all my traffic go through VPN connection or not at all. I didn't open new issue because i think it fits here too. But my issue is exactly that - With "Always on kill switch" even applications in the "allowed" list are "forced" over VPN. --edit-- Kind of felt like unfinished request... I was trying to say that even with "kill switch" i would like for Split Tunnelling still be able to work.
shahram10715
commented
3 years ago Hey, thanks for the report. We have a setting for bypassing VPN for local connections but only for OpenVPN at this moment. You need to disable Smart Protocol in settings, choose OpenVPN and set "Allow LAN connections".
It did not work for me. Although I disabled "always on kill switch" I also have trouble with split tunneling wich I have mentioned in issue #46
Hielyr
commented
2 years ago I also use the kill switch and can confirm that when it is enabled, I am unable to access devices on my LAN. Only being able to use OpenVPN is one thing, but not being able to have the kill switch feature enabled is a pretty big negative in my book.
cthulhubuddha
commented
2 years ago Hey team! Any progress on this one? On Android you must disable Block connections without VPN (e.g. kill switch) to see your local LAN. Thanks!
some-username-here1
commented
2 years ago Can confirm here as well, getting the same issue where I can't access or ping other devices on the same LAN. Disabling "Block connections without VPN" gets around it, but I'd like to have it always block any outgoing non-LAN connection too.
Phone is OnePlus 6T and OS is LineageOS 18.1 if needed.
EDIT: even with the protocol switched off from Smart with "Block connections without VPN" enabled, Wireguard, IKEv2 or OpenVPN doesn't work either.
frknltrk
commented
2 years ago 
enabling the setting "LAN connections" worked for me.
jmcrey
commented
2 years ago I do not use the kill switch, so switching the protocol to OpenVPN and enabling LAN connections worked for me.
It does seem like a negative to not be able to use the other protocols. Is there any plan to enable this feature on the other protocols?
TARehman
commented
2 years ago I can verify this behavior as well. I have a local machine running on my network. To document the effect of various settings, see the table below. I am doing all of these tests on an Android phone.
| VPN Connection | Protocol | LAN connections | Always-on VPN | Block connections without VPN | Connection |
|---|---|---|---|---|---|
| On | Smart (auto) | Off | Off | Off | Fails |
| On | Smart (auto) | On | Off | Off | Succeeds |
| On | Smart (auto) | On | On | Off | Succeeds |
| On | Smart (auto) | On | On | On | Fails |
It would appear that when the "Block connections without VPN" setting is On, Android / ProtonVPN interprets this quite literally as "do not allow any connection to go without VPN", even when you allow for LAN connections. On the one hand, this does sort of make sense - we did tell it to not allow any connections that aren't over VPN. On the other hand, though, I'd say this behavior is somewhat unexpected because you would think that it would only affect connections outside your network.
If, as I suspect, this is possibly an Android thing more than a ProtonVPN thing, perhaps it would be possible to "gray out" the switch for "LAN connections" in ProtonVPN when the "Block connections without VPN" setting is set in Android? That would make it clear to other users what is happening so they don't have to go through the above debugging steps.
mainrs
commented
2 years ago @TARehman I experience the exact same behaavior as you state in your table. Up until today, where I had to disable always-on to make my LAN connections work. Do you experience the same? Does it still work?
cpainchaud
commented
1 year ago It feels to me that it's Android feature "Block connections without VPN" that is causing the problem and that no VPN app can modify it's behavior to tell Android that some networks can be excluded
ahsvip
commented
1 year ago Does lan connection mean that we can create a local proxy for the Hot spot network and share it with other devices?
If so, please state the port number of this proxy and its protocol
mainrs
commented
7 months ago It feels to me that it's Android feature "Block connections without VPN" that is causing the problem and that no VPN app can modify it's behavior to tell Android that some networks can be excluded
Just to bring some clarity into this. This seems to be an issue within Android. There is already an open feature report to add the necessary API for unprivileged (VPN) apps to make this work properly.
Currently, said API resides in DevicePolicyManager. And this requires the app to be a work manager IIRC.
Local network traffic seems to be routed through the VPN. For example, when trying to cast content to Chromecast devices located in the same local network as the Android device running the ProtonVPN app, cast cannot be performed. The VPN has to be shut down in order to be able to cast (e.g. casting video from streaming apps as Netflix or others). The VPN app should be able to identify whenever a local network connection is being established and not routing its traffic through the VPN, on the contrary, traffic going to the Internet should be tunneled through the VPN.