I’m going to try WireGuard but split tunneling is a must have feature for me as I only need around 20 over 200+ apps to go through VPN. So, if WireGuard doesn’t have good split tunneling options as OpenVPN does I won’t consider.
To be more specific, does WireGuard support something like OpenVPN does in the picture below :
Hi. Does anyone know how you can select individual apps on AndroidTV Wireguard client?
The current Android app does not filter on a per app basis, only a per route basis.
(edit) /u/kickaas revealed the error of my ways.
Yes it does. When adding the peer there is an all applications line, you can select an exclude or include list of apps.
This is the Android client, haven’t looked at my ios yet.
I found out that using /32 was breaking my split tunneling, I had to use /24. The only reason why I used /32 is because it’s the default network wireguard server created for me in QTS 5.
Add this line to the interface section in your config file:
IncludedApplications = com.whateverapp1.android, com.whateverapp2.android, com.whateverapp3.android
com.whatever being the name of the app you will find under version in settings > apps
For example to include analiti, mx player and tivimate (set them to use the vpn and exclude all other apps) you would add this line to [interface]:
IncludedApplications = com.analiti.fastest.android, com.mxtech.videoplayer.ad, ar.tvplayer.tv
I don’t really want to do split-tunnelling based on apps. There are apps that I want sometimes to use the tunnel and other times not depending on their target IP address.
Is there any way to do a more traditional route-based split-tunneling on WireGuard on Android? I’m not seeing any knobs for that.
This goes in the [Interface] section of the .conf
(In case anyone else who might need it)
It is fascinating that this is the only documentation of that setting on the entire internet. Thanks.
It’s too bad there is no way to do the inverse and exclude Android Auto. I don’t see AA as a separate package on android 13 (and I don’t know if ExcludedApplications is also a config setting).
Oh wow! My eyes glossed over that when I checked.
After the pencil in the first Interface section on mine there’s a “ALL APPLICATIONS” I apparently have never pressed. It looks like you can select Apps to exclude in a blacklist, or switch it to a whitelist and include only.
See the “Allowed IPs” field when you edit the profile on Android. If you set it to 0.0.0.0/0 it’ll send everything through the VPN. Or you can set it just to the IP ranges you want to go through it (e.g. your internal private IP addresses relayed through the VPN peer your client is connecting to). Multiple ranges can be listed if they’re comma separated. Notation is CIDR (e.g. “192.168.0.0/24, 10.5.5.0/24”)
I figured it out:
ExcludedApplications = com.google.android.projection.gearhead
Do you use always on VPN? I think it does not work because all nonvpn traffic is blocked then. Just want to make sure that it isn’t a configuration issue. Looked so long for a solution for this.
I can’t tell what you are asking but it definitely works. Yes my VPN is always on. I only send dns and 10/8 to the VPN.
