How do I login to new Wifi when Network Lock is active?

[Snowplow 2]

When visiting a new location, such as an airport or coffee shop, it is my intention to have Network Lock active before even connecting to this new Wifi.  I have not successfully accomplished this -- it seems I must have Network Lock disabled in order to connect to the new network.  So long as Network Lock is disabled, it will connect to the Wifi immediately then work as normal.

How can I have only the Wifi login bypass the Network Lock tunnel such that all other traffic is still locked to the tunnel?

FYI my last attempt at using the advanced features of Eddie to allow my corporate VPN to bypass the tunnel was an epic failure....maybe I'll write up another thread on that someday.

macOS Mojave 10.14.6
Eddie 2.16.3

Thanks,
Snowplow

[Snowplow 2]

Anybody?  Am I the only one with this issue, or am I going about my setup incorrectly?

[tonyaldo 1]

It's impossible because you need to reach the AP ip. When network lock is enabled it has no idea where to point you when you join the access point due to the DNS lock. You would have to enable lan access.

[Snowplow 2]

Thank you for the reply!  I thought it was just me.  So basically whenever you need to connect to a new Wifi, there will be a data leak window until getting the network lock activated.

[Doggy 0]

I have the same concern.  With almost all public wifi, after connecting I get redirected to say "accept terms" or something along those lines.  But if I have airvpn on, it does not go to this site, and therefore I can not connect to the internet.  So basically, I have to connect without vpn, then turn on vpn later, which I guess is better than nothing but I think many apps etc will already be sending data as soon as they detect the internet.

[iwih2gk 93]

Network Lock and firewalls can be confusing, however there is no reason to fear.  Lets move to your home LAN as a simple example.  While sitting within your router's wifi range and you boot your machine it will auto-connect (most have their network connections set to auto connect).  There is no practical way to set your wireless "nic", if running, to not see the router or vice versa.  The only issue is will it connect?  That is how the internet works.  Lets continue:

I had the same concerns as you guys.  Let me define my concern as it applies to those airport wifi fears directly.  I wanted to posture my laptop in a way where I ASSUME all LAN devices are hostile to my running machine.  I wanted to make absolutely certain that no other device on LAN, and especially a hostile router or hostile modem could attack my internet workspace on the running laptop.  The answer is a decently constructed firewall, which is enabled 24/7 if the machine is booted.  Many know I am a linux geek so I created a UFW (ip tables front end) firewall that tells my machine there is ZERO traffic in or out- no exceptions.  That means that if I boot the laptop and attempt to go online absolutely anywhere there is NO possibility of that happening.  Also, nothing on my machine (apps, etc) can go in the other direction as many of you fear with airport connections.  Now along comes Eddie (you can do this with your own configuration if you want but Eddie does it for you) and when I connect it automatically copies my iptables to a file and moves it out of the way and creates the connection information itself making CERTAIN that the only data IN or OUT happens through the encrypted tunnel- again no exceptions.  Those apps, programs, and anything related cannot enter or leave the tunnel before, during, or after my Eddie session.  When Eddie closes it automatically returns my original ip table to its original location and again the laptop is totally locked to internet workspace.

Avoiding a bunch of technical jargon the LAYERS of internet workspace are different than the wifi connection initially.  Eddie can only accomplish this task because you the user provide sudo su (super user) permissions.  The same can be done on other OS's, but I dedicate my time to Linux.  This is simple stuff.

I hope this helps ease some of your concerns.  I would have no fear while sitting directly on a hostile airport wifi.  Absolutely none!