Problem with automatic profile switching and VPN

General discussions about Little Snitch
Post Reply
Chazzo
Posts: 10
Joined: Sun May 19, 2013 6:41 pm

Problem with automatic profile switching and VPN

Post by Chazzo » Thu Mar 22, 2018 5:35 pm

A recent update to the TunnelBear VPN seems to have created a problem with automatic profile switching (APS) in Little Snitch. I wonder if anyone has a workaround?

Previously, LS identified every TunnelBear connection simply as "OpenVPN". It was therefore easy to set up APS to detect whether or not the VPN was connected, and set the appropriate profile.

But as of TunnelBear 3.5.3, I think, each connection has a network name of the form ip-xx-xxx-xxx-xx.lazerpenguin.com. LS treats each of these as different, even when "Settings > APS > Distinguish OpenVPN remote servers" is unchecked. As a result, I have to switch profiles manually (or set LS to ask each time).

Any ideas how to deal with this? TunnelBear has a simple user interface that doesn't provide any settings for network names. Of course, for all I know this version doesn't even use OpenVPN any longer. The description in LS has changed from "VPN (utun2)" to "VPN (ipsec0)", if that explains anything…

Chazzo
Posts: 10
Joined: Sun May 19, 2013 6:41 pm

Re: Problem with automatic profile switching and VPN

Post by Chazzo » Thu Mar 29, 2018 10:16 am

Update: TunnelBear confirmed that the new network names relate to the fact that they are now using IKEv2 alongside OpenVPN. It's possible to force all connections to use OpenVPN:

Code: Select all

defaults write com.tunnelbear.mac.tunnelbear connectionProtocolOverride 0


To remove any overrides:

Code: Select all

defaults delete com.tunnelbear.mac.tunnelbear connectionProtocolOverride


I have not tried this. Apparently IKEv2 brings performance advantages, so for the moment I'm switching profiles in LS manually.

charlesmoore
Posts: 3
Joined: Fri Sep 21, 2018 5:00 pm

Re: Problem with automatic profile switching and VPN

Post by charlesmoore » Fri Sep 21, 2018 5:06 pm

I also use Tunnel Bear too and I had a similar question. Thanks for your kind information. It might be helpful for me.

Post Reply