
Bypass VPN for local networks

Open jurajhilje opened this issue 3 years ago • 4 comments

Description

Add an option in the Settings to allow VPN bypass for accessing the local network while the VPN is connected.

This should be configured using the following APIs:

  • https://developer.apple.com/documentation/networkextension/nevpnprotocol/3143658-excludelocalnetworks
  • https://developer.apple.com/documentation/networkextension/nevpnprotocol/3689459-enforceroutes

jurajhilje avatar Apr 20 '21 08:04 jurajhilje

I'm still investigating whether there is a case where a VPN tunnel on an iOS device will block access to local network devices (e.g. printer, smart TV, etc.).

jurajhilje avatar Apr 20 '21 09:04 jurajhilje

Screen Time seems to be blocked between two iOS devices on the same local network. This bypass feature may help resolve this case.

jordan-ivpn avatar Sep 01 '21 16:09 jordan-ivpn

@jordan-ivpn We'll test this case and implement the feature in one of the next releases. Thanks for the report!

jurajhilje avatar Sep 01 '21 16:09 jurajhilje

CarPlay seems to be another use case.

jordan-ivpn avatar Jul 07 '22 15:07 jordan-ivpn

Would be amazing to have this implemented, Universal Clipboard for example could work then. (Copy pasting between iOS devices)

Qhilm avatar Dec 21 '22 10:12 Qhilm

Our first attempt to implement Apple's excludeLocalNetworks API didn't work as expected. Will give it another try on the latest iOS Beta and see how it goes.

jurajhilje avatar Dec 21 '22 11:12 jurajhilje

Handling calls from a watch when the VPN is connected on a phone might be another use case.

jordan-ivpn avatar Jan 06 '23 18:01 jordan-ivpn

iOS 16.3.1, watchOS 9.3.1, iVPN 2.8.0 (8) (Kill switch off)

While iVPN is connected, the network connection from Apple Watch to iPhone over Wi-Fi on the same network is blocked. However, local network access to other devices from iPhone is not blocked; I can access my router's internal IP (like 192.168.1.1) via browser on iPhone with no issues.

Steps to reproduce:

  • Go away from your iPhone with your Apple Watch on your wrist, so that you are out of Bluetooth range, but still in the Wi-Fi range of the same network
  • Call on your iPhone and the watch will not ring
  • Send a message to your iPhone and the notification will not get to the watch

Please look at the implementation of the ProtonVPN iOS app, there is no such issue there: https://github.com/ProtonVPN/ios-mac-app

alexamiryan avatar Feb 26 '23 01:02 alexamiryan

@jordan-ivpn @jurajhilje Any updates on this issue? This is super annoying and preventing me and 2 of my friends from fully migrating to iVPN. Any ETA?

alexamiryan avatar Mar 01 '23 11:03 alexamiryan

@alexamiryan I can't give any ETA. However, I will give this one more try and probably include it in one of the next TestFlight public betas.

jurajhilje avatar Mar 01 '23 12:03 jurajhilje

> @alexamiryan I can't give any ETA. However, I will give this one more try and probably include it in one of the next TestFlight public betas.

Can I join the TestFlight to help with the testing? If yes, how?

alexamiryan avatar Mar 01 '23 13:03 alexamiryan

> > @alexamiryan I can't give any ETA. However, I will give this one more try and probably include it in one of the next TestFlight public betas.
>
> Can I join the TestFlight to help with the testing? If yes, how?

For sure, you can join right now and you will receive notifications about new beta versions via TestFlight app: https://github.com/ivpn/ios-app/blob/develop/.github/CONTRIBUTING.md#beta-program

jurajhilje avatar Mar 01 '23 14:03 jurajhilje

@alexamiryan Do you have any use case other than blocked notifications on your Watch? E.g. some of Apple's Continuity features? I'm trying to find a reliable test case, one which does not require Bluetooth but only that devices are on the same local Wi-Fi network.

jurajhilje avatar Apr 18 '23 13:04 jurajhilje

The only one that bothers me is the phone calls on the watch. When I am away from my phone or with my second iPhone and a call comes to my main iPhone, I am not getting the call notification when iVPN is active.

alexamiryan avatar Apr 23 '23 00:04 alexamiryan

> Do you have any use case other than blocked notifications on your Watch? E.g. some of Apple's Continuity features?

For me it's the universal clipboard. Copying on Mac, pasting on iPhone, or vice versa.

Qhilm avatar Apr 24 '23 05:04 Qhilm

New issue opened: Add "Disable LAN traffic" option #364

jurajhilje avatar Aug 22 '23 14:08 jurajhilje

Hi team, I had emailed support about not having local network access when IVPN is connected AND using a custom DNS server. My use case is running IVPN + custom DNS and being able to access my streaming services via Sonos (Apple Music, Spotify, Pandora, etc.) which I cannot currently do. It’s possible as soon as I disable the custom DNS functionality. I was told to track this ticket but I see that it’s marked as won’t do. Just curious if you have thoughts or if this is such a specific use case it won’t make it back on the road map.

davescherler avatar Sep 28 '23 14:09 davescherler

@davescherler By default, iOS allows LAN access when VPN is connected (that's why we closed this issue). I'm curious why it's blocked when using a custom DNS. I'll try to reproduce this issue on my end.

jurajhilje avatar Sep 29 '23 07:09 jurajhilje

@gorkapernas I was not able to reproduce the blocked LAN access when connected with Custom DNS (tested plain DNS, DoH and DoT). Can you please try to reproduce on your end?

jurajhilje avatar Oct 04 '23 09:10 jurajhilje

@jurajhilje LAN access works as expected for me when connected with custom DNS (tested with a NextDNS endpoint). I think the issue might be specific to the Sonos app. I found this old thread on Reddit where a user explains the exact same issue: https://www.reddit.com/r/nextdns/comments/y4ze06/cant_access_music_services_in_sonos_app_when/

@davescherler could you confirm if LAN access works for you in other instances or does the issue only happen with Sonos?

gorkapernas avatar Oct 04 '23 10:10 gorkapernas

I can confirm LAN access works as expected with IVPN in all other cases. I guess it could be a Sonos-specific thing, perhaps I will follow up with them. The last thought I will leave with you is that Mullvad VPN lets you set a custom DNS, limited to IPv4 addresses only, and that combination doesn’t interfere with Sonos — it works as expected for me. BUT my ideal setup is running my custom DNS over DoH, which IVPN supports + your iOS app is just outright better. I don’t expect you to have an answer to that, just thought that might tell you more than it does me. Anyway, I appreciate you looking into it!

davescherler avatar Oct 06 '23 02:10 davescherler

@davescherler Thanks for the feedback. Please let us know if you find more details about the issue. If we find that it is an edge case we can fix or support, I would be happy to do so.

jurajhilje avatar Oct 06 '23 07:10 jurajhilje