Guidelines
Bug description
Please see #13209#issuecomment-4147062711 for original context.
I've setup OpenVPN for Android, specifically only to route an RFC1918 private IPv4 subnet and an RFC4193 private IPv6 subnet. There are no default routes or DNS overrides through the VPN. This is purely a "split tunnel" VPN by classical definition, in that the VPN adds supplemental routes to the routing table rather than hijacking all internet connectivity, not to be confused with Android's VPN app exclusions functionality that several people call "split tunneling".
It looks like other people have also experienced this issue while utilize Wireguard, with the common factor being that 0.0.0.0/0 or ::/0 are NOT routed through the VPN; internet connectivity is still wifi/cellular while the VPN is enabled.
For me, Signal appears to be failing to make new connections after the VPN is connected. More specifically:
- Signal failed to initiate/receive calls when connecting the VPN after WebSocket was already established, but messaging still worked
Signal failed to send/receive messages after killing/reopening the app (I encountered this recently but I was unable to reproduce this on a second phone)
Furthermore, this same behavior regarding split tunnels was also identified 6 years ago; the user claims that switching to a full VPN configuration allowed Signal to make calls. See: https://www.reddit.com/r/signal/comments/eshchu/comment/ff9yt0u/
I was able to work around the issue and get Signal to work with my split tunnel VPN active by excluding Signal in the OpenVPN profile's "allowed apps" settings... This may also become easier to configure for other VPN apps in Android 17. I was also able to again reproduce the issue after removing Signal from the OpenVPN profile's "allowed apps" setting.
Screenshots
While attempting a call from either end, the other end will have this "Connecting..." notification:
After attempting a call from either end, that end will receive this "Network failed!" error:
Device
Fairphone 5 (FP5), Google Pixel XL (marlin)
Android version
14, 16
Signal version
8.2.2, 8.4.1
Link to debug log
https://debuglogs.org/android/8.2.2/6be3633ee3bd045624084b67222aea802839f30a8f871e915480afd073a19109
The log was collected after performing the following actions:
- Boot phone with split-tunnel VPN connected
- Message from working phone to test phone (works)
- Message from test phone to working phone (works)
- Call from working phone to test phone (fails)
- Call from test phone to working phone (fails)
- Disconnect split-tunnel VPN
- Call from working phone to test phone (works)
- Call from test phone to working phone (works)
- Reconnect split-tunnel VPN
- Call from test phone to working phone (fails)
- Call from working phone to test phone (fails)
- Log captured
Guidelines
Bug description
Please see #13209#issuecomment-4147062711 for original context.
I've setup OpenVPN for Android, specifically only to route an RFC1918 private IPv4 subnet and an RFC4193 private IPv6 subnet. There are no default routes or DNS overrides through the VPN. This is purely a "split tunnel" VPN by classical definition, in that the VPN adds supplemental routes to the routing table rather than hijacking all internet connectivity, not to be confused with Android's VPN app exclusions functionality that several people call "split tunneling".
It looks like other people have also experienced this issue while utilize Wireguard, with the common factor being that
0.0.0.0/0or::/0are NOT routed through the VPN; internet connectivity is still wifi/cellular while the VPN is enabled.For me, Signal appears to be failing to make new connections after the VPN is connected. More specifically:
Signal failed to send/receive messages after killing/reopening the app(I encountered this recently but I was unable to reproduce this on a second phone)Furthermore, this same behavior regarding split tunnels was also identified 6 years ago; the user claims that switching to a full VPN configuration allowed Signal to make calls. See: https://www.reddit.com/r/signal/comments/eshchu/comment/ff9yt0u/
I was able to work around the issue and get Signal to work with my split tunnel VPN active by excluding Signal in the OpenVPN profile's "allowed apps" settings... This may also become easier to configure for other VPN apps in Android 17. I was also able to again reproduce the issue after removing Signal from the OpenVPN profile's "allowed apps" setting.
Screenshots
While attempting a call from either end, the other end will have this "Connecting..." notification:
After attempting a call from either end, that end will receive this "Network failed!" error:
Device
Fairphone 5 (FP5), Google Pixel XL (marlin)
Android version
14, 16
Signal version
8.2.2, 8.4.1
Link to debug log
https://debuglogs.org/android/8.2.2/6be3633ee3bd045624084b67222aea802839f30a8f871e915480afd073a19109
The log was collected after performing the following actions: