[-- Attachment #1.1: Type: text/plain, Size: 287 bytes --] When configuring a tunnel in the MacOS client, there's an option called "On-Demand". If Ethernet and/or Wi-Fi are checked, the client will auto-connect the tunnel. It's a great feature, but the term "On-Demand" is misleading. I would suggest "Auto-Connect" or "Auto-Establish" instead. [-- Attachment #1.2: Type: text/html, Size: 381 bytes --] [-- Attachment #2: Type: text/plain, Size: 148 bytes --] _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Talk to Apple about that: https://developer.apple.com/documentation/networkextension/personal_vpn/vpn_on_demand_rules I'm hesitant to stray too far from the analogies that they set up, even if this is geared toward developers, because inevitably people start googling, and I'd rather them find what they're searching for. _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
[-- Attachment #1.1: Type: text/plain, Size: 765 bytes --] Hey Yoni, This is consistent with Apple's terminology [0], which I agree is not intuitive. Cheers, Alex [0] https://developer.apple.com/documentation/networkextension/personal_vpn/vpn_on_demand_rules > El 8 febr 2020, a les 22:25, Yoni Leitersdorf <litelite@gmail.com> va escriure: > > > When configuring a tunnel in the MacOS client, there's an option called "On-Demand". If Ethernet and/or Wi-Fi are checked, the client will auto-connect the tunnel. > > It's a great feature, but the term "On-Demand" is misleading. I would suggest "Auto-Connect" or "Auto-Establish" instead. > _______________________________________________ > WireGuard mailing list > WireGuard@lists.zx2c4.com > https://lists.zx2c4.com/mailman/listinfo/wireguard [-- Attachment #1.2: Type: text/html, Size: 1389 bytes --] [-- Attachment #2: Type: text/plain, Size: 148 bytes --] _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
[-- Attachment #1.1: Type: text/plain, Size: 1161 bytes --] The original concept behind "On Demand" is to trigger the VPN when it's needed - specifically when specific domains are being accessed. Indeed, Apple expanded it to even include interfaces that are connected, SSIDs, etc, in a non-intuitive way. However, what makes it somewhat more un-intuitive is the fact that these checkboxes appear in the main configuration screen for the tunnel. So, one just simply checks the boxes, thinking "I want VPN to work on-demand on all of my interfaces". Since, this feature works so oddly (compared to its name), I would recommend putting it under a separate dialog. In that dialog, we can explain what this feature does, and also allow for DNS names to be used, which is the main use case for VPN On Demand. On Sat, Feb 8, 2020 at 1:37 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote: > Talk to Apple about that: > > > https://developer.apple.com/documentation/networkextension/personal_vpn/vpn_on_demand_rules > > I'm hesitant to stray too far from the analogies that they set up, > even if this is geared toward developers, because inevitably people > start googling, and I'd rather them find what they're searching for. > [-- Attachment #1.2: Type: text/html, Size: 1658 bytes --] [-- Attachment #2: Type: text/plain, Size: 148 bytes --] _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
Hi Jason, On a similar note, I’ve noticed that it isn’t possible to temporarily disable the interface if an On-Demand rule is active. Would it be possible to add something like the behavior of the WiFi toggle in iOS? That is, the wg interface is activated when connected to wifi, but disabling it via the menu bar will turn off On-Demand until a new wifi is connected (akin to moving with the iOS behavior) or “tomorrow” (probably more like 3am or something). Thanks Eric