Wanted to share something I found out about today when I was troubleshooting Jellyfin, hopefully it will help people out. Jellyfin wouldn’t connect when I had LAN Connections enabled on ProtonVPN, so I contacted support. They let me know that having Kill Switch enabled with LAN connection is incompatible:

"…the Killswitch and Allow LAN connections features are mutually exclusive due to their functionality differences, you will be unable to utilize both of them at the same time.

Unfortunately, due to compatibility issues within these features and some users experiencing issues when utilizing both of them, our team decided to make them mutually exclusive, therefore, at this moment you will not be able to utilize the Killswitch feature and have access to your LAN, therefore, if you wish to have access to your LAN, we suggest you keep the Killswitch feature disabled."

Not sure I understand how the two settings are related, but good to know! Another note is that Split Tunneling had no effect on this, so clearly Kill Switch also effects apps that are excluded in split tunneling also.

  • originalucifer@moist.catsweat.com
    3·
    1 month ago

    honestly, i expect this behavior with a kill switch.

    but i switched to an easier to manage prevention mechanism; you run your vpn connection in its own container using gluetun, and then run your torrent client (or whatever app youre locking down) in a container with its network defined as the vpn container. your lan access the downloads via the docker host.

    no muss, no fuss, no bleeding

    • ashaman2007@lemm.eeOPEnglish
      2·
      1 month ago

      Interesting! I have heard of gluetun but never tried it. What about the mobile scenario? In this case I was using Jellyfin client on Android to access the server on my PC

      • originalucifer@moist.catsweat.com
        1·
        1 month ago

        i use jellyfin also, but i dont hide it behind my VPN… no real reason to. it already has valid SSL cert, and user credentialing. so my jellyfin container uses the hosts network.

        i only really care about my ISP detecting torrent activity as they can shut me down.

        • ashaman2007@lemm.eeOPEnglish
          1·
          1 month ago

          Right, I don’t want to either… But apparently split tunnel doesn’t work as I expected, since Kill Switch still affects apps that are excluded in split tunnel