Jump to content
Not connected, Your IP: 52.14.110.171

Recommended Posts

With the new openvpn connect for iOS you can activate the feature vpn on demand for leak preventing. See screenshot from client at the App Store So it is possible now to create openvpn profiles for iOS with this feature. Can you make a generator for that or publish new profiles in the future?

Share this post


Link to post

With the new openvpn connect for iOS you can activate the feature vpn on demand for leak preventing. See screenshot from client at the App Store So it is possible now to create openvpn profiles for iOS with this feature. Can you make a generator for that or publish new profiles in the future?

Go to https://docs.openvpn.net/connecting/connecting-to-access-server-with-apple-ios/faq-regarding-openvpn-connect-ios/ and search for

"Can I use iOS 6+ VPN-On-Demand with OpenVPN?". The instruction there explain how you can set up VPN-On-Demand.

Share this post


Link to post

Im not sure whether vpn on demand protects against leaks, from what it looks like is that it is a .profile that Automatically connects to a VPN  and or  automatically on boot, their is no indication that it will protect you against leaks"VPN on demand feature is not designed to preform that protection". 

From my reading the best way to protect against leaks is to open OpenVPN connect and tap on settings, and make sure the following settings are set as shown.

  • Enable reconnect on wake up, seamless tunnel and set connection timeout to = "Continuously retry" and network state Detection = active.

Also when generating a .ovpn profile, click iOS, check advance and use any UDP/TCP protocol that is using the "3" IP entry, I also enable "Resolved hosts in .ovpn file"

After you make those changes Thoroughly test and try to cause a IP leak on your end and do more reading on "vpn on demand", I may be wrong about its ability to protect against ip leaks using the vpn on demand. Use http://ipleak.net as a test site.

 

This is what the first part of my .ovpn looks like 

 

client

dev tun
remote 64.42.179.50 443
resolv-retry infinite
nobind
persist-key
persist-tun
auth-nocache
verb 3
explicit-exit-notify 5
remote-cert-tls server
cipher AES-256-CBC
comp-lzo no
proto udp
key-direction 1

Share this post


Link to post

Thx 4 reply community. I have tested this option with seamless tunnel, connection time out and network state detection. With this option you can reduce the leaking. After interrupting the vpn and automatically reconnecting there is leak for 1-3 secs. I have tested. But with on demand no package leave the tunnel at this time. It’s a short leak but dangerous. The governments strategy are one of this. They’re interrupting your connection and if u are clicking one of the links at this time you have been leaked. There are some apps that Apple makes it exclusively for functionality, so they can byepass the tunnel with on demand, too. But not in third party apps. No leaks after bypassing the tunnel in safari browsing with on demand. But this is a another discussion.

Share this post


Link to post

Thx 4 reply community. I have tested this option with seamless tunnel, connection time out and network state detection. With this option you can reduce the leaking. After interrupting the vpn and automatically reconnecting there is leak for 1-3 secs. I have tested. But with on demand no package leave the tunnel at this time. It’s a short leak but dangerous. The governments strategy are one of this. They’re interrupting your connection and if u are clicking one of the links at this time you have been leaked. There are some apps that Apple makes it exclusively for functionality, so they can byepass the tunnel with on demand, too. But not in third party apps. No leaks after bypassing the tunnel in safari browsing with on demand. But this is a another discussion.

If you have a suggestion for Apple on how they can improve iOS, you can post it with relevant details here https://bugreport.apple.com

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...