Jump to content

VPN split tunnel


Go to solution Solved by itman,

Recommended Posts

Hi,

I have Eset Internet Security on Windows 10 x64 - both software updated with the last updates. 
I have installed surfshark, and when I activate the whitelist function (to make some traffic go through the VPN and other traffic) to go outside the VPN - apps that are "whitelisted lose the internet."

I have uninstalled eset, and the app starts working without issues and reinstalled and the issue reappeared.

I have added surfshark folder to the exclusions and also in the firewall created a rule to allow all traffic. But it doesn't seem to make any difference.

 

 

Anyone had the same problem?

 

Any solution?

 

Thanks

 

Link to post
Share on other sites

For starters, create an Eset firewall rule for surfshark.exe including its full path name. Set the rule to allow all inbound/outbound UDP and TCP protocol traffic. Move the rule to the top of Eset's existing firewall rule set. Make sure to save your firewall rule changes.

If Surfshark works OK after performing the above, the issue lies with an existing Eset user created or default firewall rule.

Link to post
Share on other sites
On 2/21/2021 at 9:32 AM, Tiago said:

I have installed surfshark, and when I activate the whitelist function (to make some traffic go through the VPN and other traffic) to go outside the VPN - apps that are "whitelisted lose the internet."

The issue as you posted appears to be this Whitelister feature of Surfshark VPN.

As I interpret this feature, a "dual fork" network connection scenario is being created. Whitelister specified apps are bypassing the VPN and using the Win default network connection. A lot depends of how SurfShark handles this.

I suspect that this rerouting of Whitelister app network traffic is being done internally by the surfshark.exe program. In other words all Eset "see's" network-wise is the Surfshark VPN connection. Also whereas Eset will allow for and if required create multiple known network connections, it will only use one of those as the active network connection. In this instance, it is the Surfshark VPN connection.

At this point, I would recommend you open a tech support request with Eset U.K. on this issue. Maybe they know a solution. I am out of ideas on a resolution other than not using the Whitelister feature. 

Link to post
Share on other sites

I would also contact SurfShark tech support in regards to a workaround in regards to Eset Internet Security use. I would imagine that this issue has cropped up previously in other AV Internet security products employing a firewall.

Edited by itman
Link to post
Share on other sites

One other setting to check in Eset GUI.

In Firewall settings, verify that "Protection type of new networks" is set to "Use Windows setting" per the below screen. It should be since this is the Eset default setting.

Eset_Networks.thumb.png.c08ad95111230f42a9645affe6c4040b.png

Link to post
Share on other sites
  • Solution

I also found this article on VPN split tunneling in Windows: https://www.comparitech.com/blog/vpn-privacy/vpn-split-tunneling/ .

Scroll down to this section titled: How to split tunnel on Windows. In this section is described how to verify if split tunneling is enabled for your VPN connection using PowerShell commands. Also described is how to enable split tunneling if it is not enabled.

One possibility here is the Eset installation in some way disabled split tunneling on the SurfShark VPN connection for some unknown reason. Therefore, the first thing you want to do is verify if split tunneling is enabled (a value of "true") for the SurfShark VPN connection. If it is disabled, enable it and see if that resolves this issue when Eset is installed.

Edited by itman
Link to post
Share on other sites

Hi itman
I want to really thank you for your effort and research.
I am grateful even though, unfortunately, we couldn't yet fix the issue.

Surfshark says it is an eset problem. Eset syas it is a sufshark probelm 

All the best

Link to post
Share on other sites

I guess I should also note that other AV solutions appear to have issues with VPN split tunneling. I saw a web posting that AVG/Avast doesn't support it. Eset should at least research this and post a KB article stating they also don't support it if that is the case.

Edited by itman
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...