I noticed openvpn for android is not tunneling the apps in work mode through the vpn. Did you encounter this problem as well?
how can I get the work profile apps to use the vpn as well?
EDIT figured it out. you need two instances of the same vpn app running at the same time
I haven’t figured out how this works yet, but it seems like the two ‘users’ (work profiles count as a seperate user) have different network namesapces, or something similar. Essentially, even things like VPNs don’t propogate between the work container, and the regular app container.
Sounds like a reasonable explanation. IMO vpn apps should warn users because the vpn bypass is done transparently. The users might think that since they didn’t manually switch accounts (work and normal profile apps are used in parallel in the same session) that everything is going through the vpn.
I am using Island by oasisfeng to test this out.
I agree, but it also kinda makes sense since the work profile is supposed to be totally seperate from the regular stuff. With a bit of help I figured out how this works too. Android uses ip rules and uid ranges to add different route tables to different processes. You can see it if you spin up your vpn apps and then run $ ip rule from either ADB shell or any other shell on the device. The uidmatch conditions are how the different ‘namespaes’ are handled. basically each app process in the normal container has a normal-ish uid, while work profile apps have a very high uid.
But it’s not obvious for the avg user. Apps get separate storage but internet in all appearance is shared.
So…how do tunnel work apps when connecting to a vpn? I have adb enabled…you wouldn’t have time to help. a newbie out would you?
On a sidenote, I am convinced we’re doing something wrong, how can I push VPN settings to my phone JUST for work profile? That’s what I really want.
Setup a vpn in the work profile too