Using with VPN

General discussions about Little Snitch
LTC_CAT
Posts: 1
Joined: Fri Oct 19, 2012 6:34 pm

Using with VPN

Postby LTC_CAT » Fri Oct 19, 2012 6:47 pm

Hi,

I've recently downloaded Little Snitch.

I'm using a paid VPN service for anonymity, and I wish to use LS to prevent all network connections that don't go through the VPN tunnel, but I cannot figure out how to do that.
Is that possible?

Thanks for your help!

nick88
Posts: 2
Joined: Fri Aug 16, 2013 8:20 pm

Re: Using with VPN

Postby nick88 » Fri Aug 16, 2013 8:31 pm

Up... I'm also interested in this topic.

WebDesZ
Posts: 3
Joined: Sat Oct 05, 2013 11:36 pm
Contact:

Re: Using with VPN

Postby WebDesZ » Sun Oct 06, 2013 1:41 am

Use the configuration provided in following thread: http://forums.obdev.at/viewtopic.php?t=8650

(It seems as their is no bug)

If many people need this, I will make a detailed tutorial about this.

littlewitch
Posts: 1
Joined: Thu Oct 24, 2013 3:01 pm

Re: Using with VPN

Postby littlewitch » Thu Oct 24, 2013 3:11 pm

I have set 5 different profiles and the only one I can't get to work is for my VPN. I use OpenVPN via Tunnelblick, and I need help with getting that connection to show up in Little Snitch.

Some people seem to get it to work with OpenVPN (like the one who posted in this thread right above this post) but I'm not sure if that is with a separate network configuration in OS X built in network settings panel? I only have 1 Wi-Fi connection configured, and when I connect to my VPN service I use Tunnelblick. When I'm done I disconnect Tunnelblick, still connected to the same Wi-Fi. Will this prevent me from being able to use automatic profile switching for my VPN?

I'm guessing Little Snitch only works with whatever connections are listed in OS X network settings panel, since that's where the iPhone tethering options for bluetooth and USB are listed along with Wi-Fi and ethernet, and they all work. Please, if anyone has a solution let me know, it's the last piece I need for a complete configuration.

In the meantime I'm looking into Apple Script. If anyone can help me out please share. I'm thinking something like:

tell application "Little Snitch Configuration" to activate profile "VPN"
then tell application "Tunnelblick"
connect "VPNconfig"
get state of first configuration where name = "VPNconfig"
repeat until result = "CONNECTED"
delay 1
get state of first configuration where name = "VPNconfig"
end repeat
end tell

But I haven't tested this as I'm not very good with Apple Script. All I have done is look around the web for solutions to other problems and tried to combine the solutions to my own need, but I need help making it work. I have also tried to create a universal keyboard shortcut to activate the nested menu item "Profiles->VPN" in the keyboard shortcuts settings but that didn't work. I tried all of the different Little Snitch applications (the agent, the config and so on), and even a universal shortcut but it didn't work..

Hopefully this post can inspire someone to finish off my idea :roll:

manfred
Objective Development
Objective Development
Posts: 562
Joined: Sat Jul 31, 2010 9:47 am
Location: Vienna
Contact:

Re: Using with VPN

Postby manfred » Mon Oct 28, 2013 1:01 pm

LTC_CAT wrote:I'm using a paid VPN service for anonymity, and I wish to use LS to prevent all network connections that don't go through the VPN tunnel, but I cannot figure out how to do that.
Is that possible?

That's definitely possible. I would suggest the following configuration:

At least two different profiles:
  • Untrusted
  • Trusted
In Preferences choose to activate your »Untrusted« profile when joining an unknown network. In your »Untrusted« profile create rules
to deny all unwanted traffic. In addition assign your »Trusted« profile only to your VPN connection and add allow rules according to your
usage.

littlewitch wrote:I'm guessing Little Snitch only works with whatever connections are listed in OS X network settings panel, since that's where the iPhone tethering options for bluetooth and USB are listed along with Wi-Fi and ethernet, and they all work. Please, if anyone has a solution let me know, it's the last piece I need for a complete configuration.

Besides the built-in options, Little Snitch should detect OpenVPN as well. If you notice any issue in this case, please contact our technical support.

littlewitch wrote:In the meantime I'm looking into Apple Script. If anyone can help me out please share. I'm thinking something like:

Little Snitch protects itself against scripting. It is not possible to switch profiles using AppleScript.

please
Posts: 1
Joined: Tue Nov 19, 2013 6:44 am

Re: Using with VPN

Postby please » Tue Nov 19, 2013 6:45 am

WebDesZ wrote:Use the configuration provided in following thread: http://forums.obdev.at/viewtopic.php?t=8650

(It seems as their is no bug)

If many people need this, I will make a detailed tutorial about this.


If you're still willing to make one, I'd appreciate that, thanks!

Rough Cut
Posts: 4
Joined: Thu Nov 21, 2013 5:23 am

Re: Using with VPN

Postby Rough Cut » Thu Nov 21, 2013 5:50 am

please wrote:
WebDesZ wrote:Use the configuration provided in following thread: http://forums.obdev.at/viewtopic.php?t=8650

(It seems as their is no bug)

If many people need this, I will make a detailed tutorial about this.


If you're still willing to make one, I'd appreciate that, thanks!


I would also be interested too and although I work through VPN often I also need to switch or allow my ISP mail connections which don't always work via VPN with a mail client. So any thoughts there would be appreciated also.

macuser
Posts: 1
Joined: Sun Dec 08, 2013 10:26 am

Re: Using with VPN

Postby macuser » Sun Dec 08, 2013 10:27 am

I'm interested too!

Grant
Posts: 1
Joined: Thu Dec 19, 2013 5:18 am

Re: Using with CloakBox ProVPN

Postby Grant » Thu Dec 19, 2013 5:22 am

Just ordered CloakBox Pro VPN router. Since this is a router, rather than VPN s/w config, will Little Snitch work without these suggested VPN configurations?

Blaine76
Posts: 2
Joined: Sat Dec 21, 2013 10:23 am

Re: Using with VPN

Postby Blaine76 » Sat Dec 21, 2013 10:30 am

Thanks for the post!

jadanke
Posts: 2
Joined: Sat Jan 25, 2014 11:50 am

Re: Using with VPN

Postby jadanke » Sat Jan 25, 2014 11:58 am

Once again for me, please. Und am liebsten auf deutsch.

I want to create a rule which allow a specific app to connect to specific IP-Range.
I create a rule and choose "allow" at first for the incoming for the specific process, and IP-Range from 212.xxx.xxx.1 to 212.xxx.xxx.255 and the same for outgoing.
I'm connected with my vpn-prog to a server with this special IP but little snitch asked me again for permission to connect?
I thought this rule is for alle connection when I'm connected to this vpn-location. How can I create a rule that works?

bradhaddin81
Posts: 1
Joined: Thu Mar 24, 2016 1:20 pm

Re: Using with VPN

Postby bradhaddin81 » Thu Mar 24, 2016 1:26 pm

I have already searched for LS to connect all network without any difficulty but I thing Ivacy vpn https://www.ivacy.com/australia-vpn/ is more useful in these conditions through this you can connect multiple networks which is the most valuable advantage. It is also having 85% Easter VPN discount offer which we have not seen before in industry.

niko käst
Posts: 3
Joined: Sun Nov 09, 2014 4:39 am

Re: Using with VPN

Postby niko käst » Wed Mar 30, 2016 8:08 pm

I am not a securities expert, but isn't the point of premium paid VPNs (the reliable ones, anyway) that ALL internet traffic is encrypted in the tunnel? Mine does...if yours doesn't cover certain protocols, like BitTorrent for example, then it isn't "premium" and you should switch providers. Lately I've seen some incredible lifetime memberships to some of the top rated VPNs for about 50$!. I jumped on that right away.

On another note, I too would be very grateful for an applescript to block connections when VPN drops. I have also submitted this as on official feature request, as many VPNs offer their own clients which can be preconfigured to autoquit specified apps if/when connection drops.

RLD
Rank 1
Rank 1
Posts: 21
Joined: Sun Aug 10, 2014 8:45 pm

Re: Using with VPN

Postby RLD » Thu Mar 31, 2016 3:20 am

This is what profiles can be used for. Set up one as a proxy profile with vpn and your bittorent client allowed. Then set up one as a no proxy profile with the bittorent client denied/incoming/outgoing. when the vpn goes down profile switches to no proxy and nothing is passed by the bittorent client. Sorry to say it works great for me. If it doesnt work for you then you need to rethink how your rules are set up.

Your VPN client needs to allow your VPN providers specific server IPs/ports. I use tunnelblick normally; as well as my VPN providers client sometimes. My VPN provider has 40 diff servers and dynamic IPs within those servers. So I have multiple range IPs in my rules... i.e. 138.202.24.000/60

Except in a few cases I do not allow any ports outside 1030-65535 for all programs unless they specifically need them like mail/web browser/vpn/local only network/time protocol. I dont use chat programs/mail in any form while on my vpn. or programs that act as a browser such as a rss reader as they can leak your real ip.

It was mentioned earlier that LS cannot use applescript. This is false, You have to enable Allow gui scripting and scripting addition in preferences under security.

sarahadames
Posts: 2
Joined: Wed Apr 06, 2016 2:18 pm

Re: Using with VPN

Postby sarahadames » Tue Apr 26, 2016 1:22 pm

I'm not so technical for that question but i have faced that before, meanwhile i have done some research and found Expressvpn (Detailed ExpressVPN Review). I don't remember yet how i configure it but that was really quick. i have simply connect to support live chat and they helped really quick. Also you can have a look to PureVPN (Detailed PureVPN review)
Last edited by sarahadames on Sat Sep 24, 2016 10:33 am, edited 1 time in total.


Return to “Little Snitch General”

Who is online

Users browsing this forum: No registered users and 7 guests