I was not aware of this until today. People use work profiles on Android to isolate their more privacy invasive apps. If you want those apps to be tunnelled through a VPN, you would have to install the VPN application you use on your work profile separately and turn it on separately in your work profile.
A hot spot also doesn’t share the same VPN connection.
I thought you could do that through the setting “Allow client to use VPNs” in Network & internet -> Hotspot and tethering settings
I wasn’t aware that you could do that on regular android. I can’t confirm it because i’m using grapheneos, and I know it doesn’t have that setting.
It is on my phone on CalyxOS. I’m not sure about other operating systems. It could be that is not.I did’t expect so much difference in functiinality since Calyx is based on AOSP.
This sounds like CalyxOS
Indeed it is. Is this not typical?
https://hackertalks.com/comment/260096
It is very much not typical
Ok thanks. I’ve been using CalyxOS for a while and l’m not caught up with “regular” Android. But if this features are so usefull why aren’t they merged to the AOSP (Android open source project)
But if this features are so usefull why aren’t they merged to the AOSP
Me every time I realize the ability to completely block network usage for an app is not Stock Android
It’s moments like these that make me realize oh Android is built primarily as a advertisement tool
The VPN sharing choice is at least logical. You have to make a decision when designing a system how your engineer the network stack. And if you say every profile and every user gets equal access to the network stack. Then you get this result.
But the feature of sharing VPN access is also useful. So it really just depends on what choice you made earlier. I don’t think this is necessarily evil.
In stock Android, VPN settings only apply per user per profile. So if you have multiple users running they have different VPN settings.
Work profiles don’t share VPN
User accounts don’t share VPN
Hotspot doesn’t share VPN
Teathering doesn’t share VPN
Yep, seems like it acts like another device. Different user. Would love to know if there is a solution aside from another vpn instance inside the work profile.
Can we talk about how stupid the way android handles VPNs and network adapters? Why on earth would you have to use VPN feature to use Zerotier?
Actuallyz the intended use of work profile is for… Work. You don’t want the corporate VPN to be Tue phone-wid3 VPN - do you?
The design is logical. Since we are all misusing it, I think it would be useful to be able to toggle a “share VPN” switch.
Does it use the samd Private DNS?
Yes, Private DNS carries over between profiles in my testing, just VPN that doesn’t
deleted by creator