I think you do not yet get my idea,
the kill switch is to PROTECT us, so that when there is no VPN,
nothing is sent out.
yet if I turn on VPN already, but also turn on VPN policy WITH a empty list,
then all connected devices are suring using ISP IP == danger
(when the list is empty, yes the devices are listed out,
but ALL of them are then turned into using ISP IP!
So if you can digest what I say, can understand, you should know
the KILL SWITCH is NOT SAFE)
thanks
hi as said above,
when VPN is ON, kill switch is ON,
and when the list is empty, as in the screen shot,
everything is using ISP IP!
the kill switch should not be overide with a EMPTY list (I dont mind
if it is overide by a SET list, but must not be by an empty list).
thanks
the problem here is,
when I set PC A to use VPN,
and with a kill switch to hope to keep so.
an empty list (made by activating VPN policy, but not yet add-ed the PC B as it’s
not yet installed. ) turn PC A to use ISP IP to surf.
that’s not logical.
Here’s what I expect:
If the Internet Kill Switch is enabled, then NO traffic should go through the ISP.
If VPN Policies (eg, exceptions) are then added, then NO traffic should go through the ISP until these are APPLIED (ie. the Apply button is clicked).
you should also mention if there is VPN or if there is no VPN.
your message is not concise.
thx for reply.
What I THINK should be:
Background:
there is PC A, aim for using VPN IP
there is PC B, aim for ISP IP (but not yet installed)
case A: Kill Switch ON, VPN +, PC A using VPN IP
case B: Kill Switch ON, VPN -, PC A should offline, but now PC A is using ISP IP!
it’s leaking thru ISP IP!
Well, the Internet Kill Switch should kill anything not going through the VPN, so if VPN not enabled, then no traffic.
Regarding the VPN Policies, then everything excluded can go out to the internet. All other traffic would be dependent on whether the VPN is enabled or not.
yes what you said is what expected,
the only thing is:
when the total list is PC A, PC B.
if u state “exclude B”, then ofcoz result is exclude B. BrumeW did this.
But when you state “exclude empty list”, I expect exclude nothing, but BrumeW now is exclude EVERYTING.
that’s the problem.
And I made my self clear enough.
Agreed, If you enable VPN Policies and select “do not use for the following”, then it should be that everything still goes through the VPN, except items listed - if that list is empty => no exclusions (or NOTHING, as you put it).
final:
as seen in this photo.
“do not use VPN for the following”,
the list is empty,
HOWEVER, there is a “ALL mac address” there,
and thus means “exclude everything”.
literally, the router is correct,
but logically, this is wrong.
Yes, I see that now - appears that “all MAC addresses” is the default.
There is NO “empty list”.
You cannot exclude nothing. It has to be All or Something.
If you want to exclude NOTHING, think our include ALL.
Just want to say in everyday language,
exclude (empty list) = exclude nothing. exclude ALL = really exclude ALL.
The brume may behave like what you say (exclude empty list also = exclude ALL) for some reason,
may be this is easier for programming etc.
but certainly, layman will think as the everyday language i mentioned above,
as agreed by another user.
thanks
I do agree with you.
Now the UI is designed by Engineers, not product managers. We need better design to make it work for consumers. We will develop this on smartphone app.
Been a little while, but I have re-visited this and done some further testing.
My conclusion is that I wholly concur with posts 1 and 3:
The VPN policy is flawed in that if you set “Use VPN for all processes on the router” and click apply with an empty exclusion list (ie. everything is included) it does the complete opposite to what it says. ie. ALL traffic is excluded and uses ISP.
Regarding the Kill-Switch - this also fails as it is over-riden in the above scenario (ie. use VPN for all processes and set an empty exclude list).
I would kindly ask that these serious leak issues are addressed ASAP!
From your screenshot, it is clearly that, you exclude all for vpn, i.e. do not use vpn for all.
You’re joking right? I have “VPN for all processes” enabled and nothing in the “do not use VPN for” list!
To me, (and the OP, for that matter) both those settings mean use VPN for everything!
This should be the default situation (where 11:11:11:11:11:11 is a made up MAC)
If you do not add any item in the list, it means “do not use vpn for the following” → all Mac addresses
There is “Do (not) use vpn for all Mac address” logic
There is no “Do (not) use vpn for empty list” logic.
OK, having had a much closer look, I see what is happening here now - I see you have added the words “all MAC address” if you click apply with an empty list (I think this was added in 3.105 which I am testing currently). That clarifies things somewhat, although I would rather have had that in the drop down box to be selected and not pushed as the default.
we can always improve the UI. Pls use the current logic and UI for now. Thanks.
