Pango Platform
HomeConsole
  • What is Pango Developer Platform
  • Getting started
    • Sign up on the Management Console
    • Create a new project
    • Switch projects
    • Change console settings
    • Edit your profile
    • Try out the demo app
    • Keep exploring
    • Deprecation and Sunset
  • Console details
    • Dashboard
      • General
      • Location loading
    • Users
      • User page
    • Active sessions
    • Network
      • Countries
      • Locations
      • Pools
        • Optimal location
        • Location rules
    • Settings
      • General
        • Project config description (JSON format)
          • Server selector (JSON format)
          • Request selector (JSON format)
      • Authentication methods
        • Auth Plugin requirements
      • VPN
        • General
        • VPN Bypass list
        • Client Networks
      • Member
    • Export Data
    • Log
  • SDK
    • Unified VPN SDK for Android
      • Setup
        • Application Setup
        • Proguard Rules, Notification, and Analytics Configurations
        • Backend URL Configuration
      • Usage
        • Initialization
        • VPN Interface
        • Backend interface
      • Features
        • Hydra Protocol
          • Location profile (Hydra only)
        • Custom sdk dependencies
        • Deferred VPN Service Initialization
        • Authentication
        • Client Network List (CNL)
        • OpenVPN transport
        • Wireguard Transport
        • Reconnection strategy
        • Single Protocol SDK
        • Killswitch
        • Domain route via VPN
        • Process route via VPN
        • Process Bypass
        • Domain Bypass
        • Traffic rules
        • VPN Node DNS Configuration
        • Multihop
          • Optimal Location
      • Exceptions
      • Version migration
      • Changelog
    • Unified VPN SDK for Apple
      • Setup
        • Application Setup
        • Network Extension Setup
          • Network Extension Setup for tvOS
        • Backend URL Configuration
      • Usage
        • Single Protocol SDK
        • Unified SDK
        • Logging
        • Decoding Encoded VPN SDK Logs
      • Features
        • Deferred VPN Service Initialization
        • Authentication
        • Wireguard Transport
        • Reconnection strategy
        • Killswitch
        • Domain Bypass
        • Multihop
          • Optimal Location
        • Client Network List (CNL)
        • Domain route via VPN
      • Changelog
      • API Reference
    • IPSEC VPN SDK for Apple
    • Unified VPN SDK for Windows
      • Setup
        • Backend URL Configuration
        • Service command line arguments
        • ARM Platform Support
      • Usage
        • CoreAPI
        • Events
        • Generating a Unique Device Identifier
        • Error processing
        • Pipe Messaging
      • Features
        • Traffic protection
          • Killswitch
          • Prevent IP Leaks
          • Block Local Networks
        • Other
          • Firewall
            • DNS Monitor
            • Process Bypass
            • Domain Bypass
            • Process route via VPN
            • Domain route via VPN
          • Throttling
          • Optimal Location
          • Common issues
        • Hydra Protocol
          • CustomDNS, UserDNS, MultiHop, VpnProfiles
        • OpenVPN Protocol
        • Wireguard Protocol
        • IPSec Protocol
      • Collecting Debug Logs
      • Changelog
    • Unified VPN SDK for Routers
      • SDK. Shared library.
      • Configuration Interface (CI)
        • Unix Domain Sockets CI
        • REST API CI
    • Unified VPN SDK Feature Comparison By Platform
    • Unified VPN SDK
      • Features
        • Personal Bridge
    • Tunnel Vision and Tunnel Crack Prevention
  • REST API
    • Partner API
  • Sample applications
    • Unified VPN SDK demo for Windows
    • Hydra VPN SDK demo for iOS
    • IPSEC VPN SDK demo for iOS
    • Unified VPN SDK demo for Android
    • Hydra VPN SDK demo for OpenWRT
    • OpenVPN configuration file
  • Resources
    • Use cases
      • Public VPN
      • Business VPN
        • Creating a Business VPN Project
        • Wi-Fi Security for Business
      • Application anti-blocking
    • How-to
      • Create a Firebase project for User Authentication
      • AWS CloudFront Distribution of the Platform URL
      • How can I get Shared Secret key from iTunes Connect for In-App Purchase
  • FAQ
    • General
      • VPN Platform Flow
      • What data is collected by the Platform?
      • What analytic data is collected by your SDK?
      • How the Platform restricts access to our data?
      • Why DNS Leak tests often indicate positive result?
      • Do we need to perform endpoint health checks?
      • How is the VPN exit node found?
      • How are streams re-marked if VPN is enabled/disabled on an active flow?
      • Is there a maximum number of supported devices?
      • Are both IPv4 and IPv6 supported?
      • What is the MTU of the tunnel?
      • Are any redundancy measures in terms of reliability provided?
      • Is there any load balancing?
      • Do you block broadcast and multicast to/from the VPN?
    • List of Open Source libs
Powered by GitBook
On this page
  • Updating Process Bypass
  • Explicitly Updating Process Bypass

Was this helpful?

  1. SDK
  2. Unified VPN SDK for Windows
  3. Features
  4. Other
  5. Firewall

Process Bypass

PreviousDNS MonitorNextDomain Bypass

Last updated 1 month ago

Was this helpful?

Process bypass is a powerful capability that allows you to programmatically update the list of processes that can be excluded from the VPN tunnel. This feature enables certain applications to send their traffic outside the encrypted connection. It's particularly useful when you need to dynamically manage VPN exceptions based on specific application requirements or user scenarios.

Additional info about common mistakes can be found on the page .

Updating Process Bypass

To update the process domain list programmatically, you can utilize the following:

Using "ConfigureFirewallAsync" will create the necessary bypass rules only after the VPN tunnel is up. If you want to explicitly apply process bypass immediately after sending to the SDK - use "ConfigureBypassProcesses/ConfigureBypassProcessesAsync".

var sdk = new SDK();

var request = new FirewallRequest
{
    UpdateBypassProcesses = new UpdateBypassProcessesRequest
    {
        Processes = new List<string>
        {
            "C:\\Program Files\\YourCompany\\YourCompanyApp.exe", // <-- Custom company application
            "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe", // <-- Built-in Microsoft Edge browser
        },
    },
};

var result = await sdk.ConfigureFirewallAsync(request).ConfigureAwait(false);
Console.WriteLine(result.UpdateBypassProcesses);
// Message: "Ok"
// Result: Ok

C:\\Program Files\\YourCompany\\YourCompanyApp.exe: This could represent a custom application developed by your company. By adding this process to the bypass list, the application enables to send the traffic outside the encrypted connection.

C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe: This is the path to the built-in Microsoft Edge browser executable. Including Microsoft Edge in the bypass list enables to send the traffic outside the encrypted connection.

In the code snippet, the backslashes (\) in the file paths are escaped using an additional backslash. This is necessary because the backslash is a special character in C# string literals. Forgetting to escape the backslashes is a common oversight and can lead to incorrect file paths.

Process Bypass requires the full path to the process file.

Explicitly Updating Process Bypass

var sdk = new SDK();
var request = new BypassProcessesRequest()
{
    UpdateBypassProcesses = new()
    {
        Processes = new List<string>
        {
            "C:\\Program Files\\YourCompany\\YourCompanyApp.exe", // <-- Custom company application
            "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe", // <-- Built-in Microsoft Edge browser
        },
    },
};

var result = await sdk.ConfigureBypassProcessesAsync(request).ConfigureAwait(false);
Console.WriteLine(result.UpdateBypassProcesses);
// Message: "Ok"
// Result: Ok
Common issues