How to allow local traffic through VPN Killswitch?

thejacer

I'm using the Linux PIA app and prefer to keep the killswitch turned on, unfortunately when it's active the IPTables rules block local traffic. Is there anything I can do to allow local traffic while the killswitch is turned on?

PrivateKomrad

I have the same problem. I run PIA to protect an application that reads/writes all of its data from a network share on my home network. With killswitch enabled, it cannot access the network share which defeats the point of the running the application.

Can we get an "allow local traffic" option like the Cisco Anywhere VPN client has?    

Omnibus_IV

You can try adding a route to your route table...

https://www.privateinternetaccess.com/forum/discussion/24080/how-to-chat-with-other-devices-in-your-network#latest

PrivateKomrad

My workaround was to create a Windows virtual machine and run PIA VPN there. Local file share access works and it still passes DNS Leak tests. 

I understand blocking local network DNS access as local DNS usually forwards to an internet DNS server , which may cause DNS leaks. 

I might try the firewall rule another day as I still have the linux virtual machine that was my first attempt at using PIA with killswitch.  

martouf

the whole point of the killswitch is to create no-route-but-the-vpn .. if you want to use the vpn and local resources, then don't use the killswitch.

rmoody

martouf said:

the whole point of the killswitch is to create no-route-but-the-vpn .. if you want to use the vpn and local resources, then don't use the killswitch.

No, the point of the kill switch is to not allow internet access if the VPN drops. Why on earth would someone want this to only function in a way that blocks local traffic with no options to allow local traffic?

martouf

different words, same results.  "not allow internet access if the VPN drops" is the same as what I wrote. "no-route-but-the-vpn" means all packets must leave via the VPN.  all means exactly that.