Mullvad blocks connection from UTM's emulated VLAN when "Allow local network connection" is not enabled

[TommyTran732]

Is it a bug?

• [X] I know this is an issue with the app, and contacting Mullvad support is not relevant.

I have checked if others have reported this already

• [X] I have checked the issue tracker to see if others have reported similar issues.

Current Behavior

Mullvad blocks UTM's VMs in Emulated VPN unless we allow local network connection.

Expected Behavior

Mullvad should only block connections to the actual LAN and not the Emulated VPN running inside of the machine.

Steps to Reproduce

1. Install Mullvad VPN on the host.
2. Do not allow access to LAN.
3. Setup a UTM VM with Emulated VLAN.
4. Observe that the VM cannot connect to the internet.

Failure Logs

N/A

Operating system version

macOS 14.2.1

Mullvad VPN app version

2023.6

Additional Information

I don't know how macOS networking under the hood, but I have tested this with IVPN, and their client does work for this scenario. VMs with Emulated VLAN can connect to the internet even access to the real LAN is not allowed.

There is probably a way to differentiate between the Emulated VLANs and the actual LAN/WLAN. I am not sure what they actually do though, I haven't looked at the code yet.

[faern]

Thanks for reporting this issue. This is probably a duplicate of/related to #5213. Admittedly we have not spent a great amount of time testing compatibility with UTM virtualization.

[conana]

For what it's worth, I had a similar problem (discussed in https://github.com/mullvad/mullvadvpn-app/issues/5213#issuecomment-1899007933) and now have the guest OS (Windows 11) working on the QEMU backend regardless of whether Local Network Sharing is enabled or not.