Thank you Tobias, Is something similar possible in windows where I can select which all applications should enter the tunnel or not. I understand the Windows client VPN is not ready, but in a site-site tunnel case I can selectively have applications travel through the tunnel or outside depending on my choice?
RegardsWinny On Monday, 17 August, 2020, 3:08:53 pm IST, Tobias Brunner <tob...@strongswan.org> wrote: Hi Winny, > The strongswan android app has a feature where in a particular app > can be selected and its traffic will bypass the tunnel. Could someone > briefly explain how is the traffic originating from this application > identified and then sent outside the tunnel. The Android app uses Android's VpnService API. The VpnService.Builder class [1] provides the addDisallowedApplication method to exclude apps from the VPN. Android implements this via policy routing (each app runs under a separate user ID), see [2]. Regards, Tobias [1] https://developer.android.com/reference/android/net/VpnService.Builder.html [2] https://stackoverflow.com/a/54982521/1158499