Process route via VPN

The Unified SDK provides a powerful feature which allows you to selectively route specific processes through the VPN tunnel while keeping all other traffic unaffected. This is the opposite of the Process Bypass feature.

How it Works

When you enable the "Process route via VPN" option and specify a list of processes, only the network traffic from those processes will be sent through the VPN tunnel. All other processes will communicate normally, outside the VPN. This gives you fine-grained control over which applications use the VPN and which don't.

Additional info about common mistakes can be found on the page Common issues.

Configuring Process to Route via VPN

To configure the processes to route through the VPN, use the ConfigureRouteViaVpnProcesses or ConfigureRouteViaVpnProcessesAsync method of the SDK. Here's an example:

var sdk = new SDK();
var routeViaVpnProcessesRequest = new RouteViaVpnProcessesRequest
{
    UpdateRouteViaVpnProcesses = new UpdateRouteViaVpnProcessesRequest()
    {
        Processes = new List<string> { "C:\\Program Files (x86)\\Microsoft\\Edge\\Application\\msedge.exe" },
    },
};

var routeViaVpnProcessesResponse = await sdk.ConfigureRouteViaVpnProcessesAsync(routeViaVpnProcessesRequest).ConfigureAwait(false);
Console.WriteLine(routeViaVpnProcessesResponse.UpdateRouteViaVpnProcesses.Result);

In this example, we create a new RouteViaVpnProcessesRequest and specify the list of processes to route via VPN in the Processes property. Then we pass this request to the ConfigureRouteViaVpnProcessesAsync method.

Process route via VPN requires the full path to the process file.

Starting the VPN with Process Route via VPN Enabled

After configuring the processes, you can start the VPN with the "Process route via VPN" feature enabled:

var startVpnRequest = new StartVpnRequest()
{
    Credentials = getCredentialsResponse.Credentials,
    AccessToken = loginResponse.AccessToken,
    VpnNode = node,
    EnableRouteViaVpn = true,
    
    // Should be disabled for proper Route via VPN work, see limitations
    EnableKillSwitch = false,
    BlockLocalNetworks = false,
    EnablePreventIPLeak = false,
};

sdk.StartVpn(startVpnRequest);
// Message: "Ok"
// Result: Ok

Limitations

Please note the following limitations of the "Process route via VPN" feature:

• It cannot be enabled or disabled while the VPN tunnel is active. You must configure it before starting the VPN.

• Defense features (Killswitch, Prevent IP Leaks and Block LocalNetwork) should be disabled with enabling the Route via VPN feature (pass corresponding parameters in the StartVpnRequest with enabling the Route via VPN).