os-issue-tracker icon indicating copy to clipboard operation
os-issue-tracker copied to clipboard

Published 20 hours ago verified publisher icon GrapheneOS

add the option of VPN support for hotspot / tethering

Open thestinger opened this issue 5 years ago • 3 comments

VPNs are per-profile and this feature should not be designed to use the current profile's VPN. It's not clear exactly how it should work. Using the Owner profile VPN for this may not be desirable and is somewhat of an anti-feature since it encourages unnecessarily grouping traffic together by making that easier than the more private approach of separate tunnels for each profile and connected device.

thestinger avatar Mar 31 '19 03:03 thestinger

This would be grandios. I can't understand why AOSP doesn't provide this already. There is no reason not to route all traffic through the VPN.

nutts0 avatar Apr 05 '19 23:04 nutts0

At the moment, you can simply run the VPN on the devices you have tethered too. This feature is not a high priority.

thestinger avatar May 07 '21 20:05 thestinger

Would be interested in reviving this issue. I had a usecase today where I wanted to create an open hotspot for semi-trusted people. Routing everything through a VPN would effectively protect me from abuse.

If noone picks it up, I might give it a shot once I've learned enough to work on (seemingly) simple issues.

ghost avatar Aug 08 '21 00:08 ghost

One use case would be to be able to create a VPN chain with the help of a second GOS device for countries were they target citizens for the use of Tor/VPN by using a mainstream VPS connection as the first exit and at the same time use the second VPS to hide from the mainstream VPS what data passes through.

OneSmartIdea avatar Nov 16 '22 01:11 OneSmartIdea

You don't need multiple devices to chain tunnels.

thestinger avatar Nov 16 '22 02:11 thestinger

You don't need multiple devices to chain tunnels.

Please tell me how to do it.

OneSmartIdea avatar Nov 16 '22 02:11 OneSmartIdea

Our issue tracker isn't used to provide support and tutorials.

thestinger avatar Nov 16 '22 02:11 thestinger

Especially something unrelated to GrapheneOS...

thestinger avatar Nov 16 '22 02:11 thestinger

Thanks, you right, but making a LTE VPN router out a GOS device is kinda of an awesome feature for GrapheneOS and really important for some countries.

OneSmartIdea avatar Nov 16 '22 02:11 OneSmartIdea

We don't think sending a bunch of stuff over the same VPN tunnel instead of having a per-device VPN tunnel established is the right approach. It needlessly ties stuff together. At the moment, each profile has a separate VPN, which is within the same device. Reusing the Owner profile VPN for completely separate device would be a major step backwards from the current approach and isn't really what we want to do.

thestinger avatar Nov 16 '22 02:11 thestinger

We don't think sending a bunch of stuff over the same VPN tunnel instead of having a per-device VPN tunnel established is the right approach. It needlessly ties stuff together. At the moment, each profile has a separate VPN, which is within the same device. Reusing the Owner profile VPN for completely separate device would be a major step backwards from the current approach and isn't really what we want to do.

Understood. Thanks.

OneSmartIdea avatar Nov 16 '22 02:11 OneSmartIdea