ok but i can exclude rclone.exe and not have to use --bind
but if that works for you, good.
with gdrive, and almost all backends, everything is crypted as rclone uses https for api and data transfer.
what is the practical advantage of using a vpn, are you worried about some kind of proxy server middleman?
and fwiw, imho, given the slow speeds from mullvad, not sure wireguard is much of an advantage.
with mullvad, normally i do not use the mullvad vpn app.
i connect direct over openvpn.
No. I have to add rclone.exe to the vpn split tunnel and use the --bind= switch. It's not one or the other for me. Both are needed or it won't work.
My VPN is on all the time. Anything that accesses the internet uses the socks5 10.64.0.1:1080, which with mullvad ties to WireGuard. So nothing can connect out without the VPN. It's just another block, along with the killswitch. But I use a VPN for everything mainly to prevent tracking and ID theft. T-Mobile was breached and my info got taken, so since then I've been taking precautions to protect myself virtually. Mullvad is not the only think I use, but it's a part of it. Interestingly, I do not get slow speeds at all using Mullvad WG; I get about 4/5 of my normal speeds with the NT version, which is why I opened this thread and didn't want to just downgrade to WireGuard-go permanenly.
well, the good news, what i was focused on from the start, this is not a rclone bug
can you post a working command?
and good point about the speed of wireguardnt.
i was not using the mullvad app, not using the old version of wireguard, as it was slow.
as i mentioned, used openvpn direct connect.
but just now, using mullvad vpn app and wireguardnt, decent speeds and very good ping
but the reason i do not use it, is that i do not trust wireguardnt yet.
and no updates in five months...
But is an rclone bug, right? I mean, why should rclone need to be excluded in order for it to work right? It should work out of the box, with any connection. The command are the same because nothing changed in them; there were no configuration alterations because I just excluded rclone.exe. It doesn't solve the underlying issue as to why rclone doesn't work with WireGuardNT. It just acts as a band-aid. It always worked for you because you too were excluding it using the --bind= switch.
Also, wireguard get updated frequently. And Mullvad updates every couple of months to reflect WG.
in all my testing, not seeing a bug, so far, zero issues.
as per my example above, no issues running rclone.exe commands
running latest mullvad app, downloaded today
using wireguardnt
rclone.exe NOT excluded using mullvad app.
NOT using rclone --bind
i believe the same version of windows 11, os/kernel: 10.0.22000.527 (x86_64)
not correct, in fact just the opposite
until now, never excluded an app from mullvad app. i did that to help you and see if there is a rclone bug.
the only reason i used --bind was as a test/proof, if rclone.exe was, in fact, being excluded or not by mullvad app.
--- using --bind to local nic ip address and rclone.exe is excluded, rclone will not fail.
--- using --bind to local nic ip address and rclone.exe is not excluded, rclone will fail. dial tcp 192.168.62.234:0->142.251.35.170:443: connectex: An attempt was made to access a socket in a way forbidden by its access permissions
I don't know what to tell you. I guess your experiences have not been my experiences.
running latest mullvad app, version 2022.1
using wireguardnt
rclone.exe NOT excluded using mullvad app.
NOT using rclone --bind
Running Windows 11 21H2 build 22000.527 x64
NextDNS Paid DoH OS-wide
With this ^ configuration rclone DOES NOT work correctly for me; transfers are as described in my initial post.
running latest mullvad app, version 2022.1
using wireguardnt
rclone.exe excluded using mullvad app.
using rclone --bind=192.168.0.40 (the address to my NIC)
Running Windows 11 21H2 build 22000.527 x64
NextDNS Paid DoH OS-wide
However, using this ^ configuration rclone works for me. As I've said before, both Mullvad split-tunneling and the --bind flag are needed for me. That's great if it works for you without that. But that is not the case for me.. I get the same error as you, dial tcp 192.168.0.40:0->142.251.35.170:443: connectex: An attempt was made to access a socket in a way forbidden by its access permissions, if the --bind flag is used without the vpn exclusion.
I don't know why I have this issue and you do not. But I do know that I do. For me the issue is real. Excluding it from the VPN doesn't change that.
A workaround, yes. But as I've said before (which you won't aknowledge) there is still a bug that prevents it from running with WireGuardNT. Yes I can get things to run, but only if I exclude it from the VPN. Why is that?
Also, wanna hear something truly strange? I can exclude it from Mullvad altogether, but I have to use the --bind flag in order to get it to work. However, if I use another VPN (in this case hide.me) I have to exclude it from the VPN but I do not have to use the --bind bind flag! This is crazy!
Also, DoH (#6) has no effect one way or the other. I've tried it on and off and no effect was evident.