VPN with WireGuardNT

ok but i can exclude rclone.exe and not have to use --bind
but if that works for you, good.

with gdrive, and almost all backends, everything is crypted as rclone uses https for api and data transfer.
what is the practical advantage of using a vpn, are you worried about some kind of proxy server middleman?

and fwiw, imho, given the slow speeds from mullvad, not sure wireguard is much of an advantage.

with mullvad, normally i do not use the mullvad vpn app.
i connect direct over openvpn.

No. I have to add rclone.exe to the vpn split tunnel and use the --bind= switch. It's not one or the other for me. Both are needed or it won't work.

My VPN is on all the time. Anything that accesses the internet uses the socks5 10.64.0.1:1080, which with mullvad ties to WireGuard. So nothing can connect out without the VPN. It's just another block, along with the killswitch. But I use a VPN for everything mainly to prevent tracking and ID theft. T-Mobile was breached and my info got taken, so since then I've been taking precautions to protect myself virtually. Mullvad is not the only think I use, but it's a part of it. Interestingly, I do not get slow speeds at all using Mullvad WG; I get about 4/5 of my normal speeds with the NT version, which is why I opened this thread and didn't want to just downgrade to WireGuard-go permanenly.

well, the good news, what i was focused on from the start, this is not a rclone bug :beers:

can you post a working command?

and good point about the speed of wireguardnt.
i was not using the mullvad app, not using the old version of wireguard, as it was slow.
as i mentioned, used openvpn direct connect.

but just now, using mullvad vpn app and wireguardnt, decent speeds and very good ping
image

but the reason i do not use it, is that i do not trust wireguardnt yet.
and no updates in five months...

But is an rclone bug, right? I mean, why should rclone need to be excluded in order for it to work right? It should work out of the box, with any connection. The command are the same because nothing changed in them; there were no configuration alterations because I just excluded rclone.exe. It doesn't solve the underlying issue as to why rclone doesn't work with WireGuardNT. It just acts as a band-aid. It always worked for you because you too were excluding it using the --bind= switch.

Also, wireguard get updated frequently. And Mullvad updates every couple of months to reflect WG.

see this

in all my testing, not seeing a bug, so far, zero issues.

as per my example above, no issues running rclone.exe commands

  1. running latest mullvad app, downloaded today
  2. using wireguardnt
  3. rclone.exe NOT excluded using mullvad app.
  4. NOT using rclone --bind
  5. i believe the same version of windows 11, os/kernel: 10.0.22000.527 (x86_64)

not correct, in fact just the opposite
until now, never excluded an app from mullvad app. i did that to help you and see if there is a rclone bug.

the only reason i used --bind was as a test/proof, if rclone.exe was, in fact, being excluded or not by mullvad app.
--- using --bind to local nic ip address and rclone.exe is excluded, rclone will not fail.
--- using --bind to local nic ip address and rclone.exe is not excluded, rclone will fail.
dial tcp 192.168.62.234:0->142.251.35.170:443: connectex: An attempt was made to access a socket in a way forbidden by its access permissions

did another test, the same except this time w10, not w11
again, zero problems.

--- no need to exclude rclone.exe
--- no need to use --bind

I don't know what to tell you. I guess your experiences have not been my experiences.

  1. running latest mullvad app, version 2022.1
    
  2. using wireguardnt
    
  3. rclone.exe NOT excluded using mullvad app.
    
  4. NOT using rclone --bind
    
  5. Running Windows 11 21H2 build 22000.527 x64
    
  6. NextDNS Paid DoH OS-wide
    

With this ^ configuration rclone DOES NOT work correctly for me; transfers are as described in my initial post.

  1. running latest mullvad app, version 2022.1
    
  2. using wireguardnt
    
  3. rclone.exe excluded using mullvad app.
    
  4.  using rclone --bind=192.168.0.40 (the address to my NIC)
    
  5. Running Windows 11 21H2 build 22000.527 x64
    
  6. NextDNS Paid DoH OS-wide
    

However, using this ^ configuration rclone works for me. As I've said before, both Mullvad split-tunneling and the --bind flag are needed for me. That's great if it works for you without that. But that is not the case for me.. I get the same error as you, dial tcp 192.168.0.40:0->142.251.35.170:443: connectex: An attempt was made to access a socket in a way forbidden by its access permissions, if the --bind flag is used without the vpn exclusion.

I don't know why I have this issue and you do not. But I do know that I do. For me the issue is real. Excluding it from the VPN doesn't change that.

well, at this point you have a workaround.

if you want to perform more testing, remove item 6. and test.

A workaround, yes. But as I've said before (which you won't aknowledge) there is still a bug that prevents it from running with WireGuardNT. Yes I can get things to run, but only if I exclude it from the VPN. Why is that?

Also, wanna hear something truly strange? I can exclude it from Mullvad altogether, but I have to use the --bind flag in order to get it to work. However, if I use another VPN (in this case hide.me) I have to exclude it from the VPN but I do not have to use the --bind bind flag! This is crazy!

Also, DoH (#6) has no effect one way or the other. I've tried it on and off and no effect was evident.

we are at an impasse.

i cannot acknowledge that which i cannot reproduce.
and i took the time to test on two machines, w10 and w11, both using mullvad app.

at this point, i suggest that you spin up a new vm, install windows 11 or 10, mullvad, rclone and nothing else.
test on that.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.