Page 1 of 1

Problem with automatic profile switching and VPN

Posted: Thu Mar 22, 2018 5:35 pm
by Chazzo
A recent update to the TunnelBear VPN seems to have created a problem with automatic profile switching (APS) in Little Snitch. I wonder if anyone has a workaround?

Previously, LS identified every TunnelBear connection simply as "OpenVPN". It was therefore easy to set up APS to detect whether or not the VPN was connected, and set the appropriate profile.

But as of TunnelBear 3.5.3, I think, each connection has a network name of the form ip-xx-xxx-xxx-xx.lazerpenguin.com. LS treats each of these as different, even when "Settings > APS > Distinguish OpenVPN remote servers" is unchecked. As a result, I have to switch profiles manually (or set LS to ask each time).

Any ideas how to deal with this? TunnelBear has a simple user interface that doesn't provide any settings for network names. Of course, for all I know this version doesn't even use OpenVPN any longer. The description in LS has changed from "VPN (utun2)" to "VPN (ipsec0)", if that explains anything…

Re: Problem with automatic profile switching and VPN

Posted: Thu Mar 29, 2018 10:16 am
by Chazzo
Update: TunnelBear confirmed that the new network names relate to the fact that they are now using IKEv2 alongside OpenVPN. It's possible to force all connections to use OpenVPN:

Code: Select all

defaults write com.tunnelbear.mac.tunnelbear connectionProtocolOverride 0


To remove any overrides:

Code: Select all

defaults delete com.tunnelbear.mac.tunnelbear connectionProtocolOverride


I have not tried this. Apparently IKEv2 brings performance advantages, so for the moment I'm switching profiles in LS manually.

Re: Problem with automatic profile switching and VPN

Posted: Fri Sep 21, 2018 5:06 pm
by charlesmoore
I also use Tunnel Bear too and I had a similar question. Thanks for your kind information. It might be helpful for me.