Development discussion of WireGuard
 help / color / mirror / Atom feed
* WireGuard App on Android allows only one connection simultaneously
@ 2022-09-20  8:11 Christoph Loesch
  2022-09-21  8:29 ` Simon Rozman
  0 siblings, 1 reply; 4+ messages in thread
From: Christoph Loesch @ 2022-09-20  8:11 UTC (permalink / raw)
  To: WireGuard mailing list

Hi,

on Linux multiple connections at the same time are possible, on Windows also. I don't have a Mac so I can't test there.

When having two tunnels configured in the Android App, while one is connected if I connect to the second one, the first one disconnects.

Is there any reason as why the Android App only allows one connection at the same time?

Thank you and kind regards,
Christoph


^ permalink raw reply	[flat|nested] 4+ messages in thread

* RE: WireGuard App on Android allows only one connection simultaneously
  2022-09-20  8:11 WireGuard App on Android allows only one connection simultaneously Christoph Loesch
@ 2022-09-21  8:29 ` Simon Rozman
  2022-09-21  8:56   ` Endre Szabo
  2022-09-22 20:54   ` Christoph Loesch
  0 siblings, 2 replies; 4+ messages in thread
From: Simon Rozman @ 2022-09-21  8:29 UTC (permalink / raw)
  To: Christoph Loesch, WireGuard mailing list

Hi,

> on Linux multiple connections at the same time are possible, on Windows
> also. I don't have a Mac so I can't test there.
> 
> When having two tunnels configured in the Android App, while one is
> connected if I connect to the second one, the first one disconnects.
> 
> Is there any reason as why the Android App only allows one connection at
> the same time?

Unfortunately, this is a limitation of Android OS supporting only 1 (one) VPN connection at a time.

Regards,
Simon

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: WireGuard App on Android allows only one connection simultaneously
  2022-09-21  8:29 ` Simon Rozman
@ 2022-09-21  8:56   ` Endre Szabo
  2022-09-22 20:54   ` Christoph Loesch
  1 sibling, 0 replies; 4+ messages in thread
From: Endre Szabo @ 2022-09-21  8:56 UTC (permalink / raw)
  To: wireguard

Hi,

On Wed, Sep 21, 2022 at 08:29:17+0000, Simon Rozman wrote:
> Unfortunately, this is a limitation of Android OS supporting only 1 (one) VPN connection at a time.
Just a theoretical thought experiment (I don't know Android arch well, I might be wrong at any of these points):
 
- AFAIK, having a VPN (VPN app) on an Android involves creating a tun device for that app
- kernel RPDB mumbo-jumbo (Android has set that up) will route (all or app-specific (based on processid?) selected) traffic to that VPN app
- the VPN app will be left with 'the default routing table' free to establish unlimited outbound unencrypted connections
- WG on android is implemented in userspace, in the WG app (using go implementation?)
- Since this app has unlimited/untunneled access via 'the default routing table' it is free to establish more than 1 WG sessions (of course, in-app cryptokey routing and all the usual limitations still apply)
- Current WG app (and especially its widget) will not allow only one VPN session at a time.
 
Would it be possible to lift this limitation? Or is this limitation of another nature?

--Endre

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: WireGuard App on Android allows only one connection simultaneously
  2022-09-21  8:29 ` Simon Rozman
  2022-09-21  8:56   ` Endre Szabo
@ 2022-09-22 20:54   ` Christoph Loesch
  1 sibling, 0 replies; 4+ messages in thread
From: Christoph Loesch @ 2022-09-22 20:54 UTC (permalink / raw)
  To: Simon Rozman, WireGuard mailing list

Hi,

(thanks to mohammad who pointed me in the right direction)

Am 21.09.2022 um 10:29 schrieb Simon Rozman:
> Unfortunately, this is a limitation of Android OS supporting only 1 (one) VPN connection at a time.

Note: Limitation of not rooted devices. The app works with userspace backend until you root your device.

Once rooted you need to allow root-access to the app (it asks for root if your device is rooted) and then you can enable the use of kernel module/backend in advanced settings.
Then enable option for multiple tunnels at the same time.
Maybe it's worth to put hint for that in the app?

Works great so far.
(Sure, you have to keep an eye on used IP-ranges/routes that could be same on different tunnels what could result in unexpected behaviour when used simultaneously.)

Thank you very much and kind regards!
Christoph


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2022-09-22 20:55 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-09-20  8:11 WireGuard App on Android allows only one connection simultaneously Christoph Loesch
2022-09-21  8:29 ` Simon Rozman
2022-09-21  8:56   ` Endre Szabo
2022-09-22 20:54   ` Christoph Loesch

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).