Using with VPNs

Virtual Private Network (VPN) is a useful security/privacy tool with widespread usage. There are several VPN products by various providers which offer many secuirty functions, but their main feature is the VPN itself.

In this article we are going to share our tips on how to use NetLimiter with VPNs in general and also how to use it with some VPN providers (we plan to update the list continuosly).

How VPN works

Basic VPN functionality is to connect user's machine to internet through a proxy server. All of the user's internet traffic is routed through this remote machine. This has several interesting consquences. The most important one is that user's PC appears to the outside world (the internet) as the proxy server (recognized by its IP address).

This has many ramifications; naming them all is not an objective of this article, but for example user, by connecting to Netflix (or other streaming service) through a proxy located in the USA, can reach to the services which are available only in the USA (by "pretending" the user is located there, too).

Problems with VPNs

There are several disadvantages of VPNs, but the most important issue while using with NetLimiter is that it could hide IP addresses of remote machines (websites, internet services etc.) user is connected to. In practice it means that in NetLimiter you don't see actual remote address from which you download the data, but only some substitute IP. This also means that all IP-based filters, which worked before enabling a VPN could stop working. In some cases, users can use domain-based filters instead of IP-based filters, if the domains are available on the particular VPN.

The other complication is with Stats. The real traffic appears in NetLimiter twice - once for an application itself (user's web browser etc.) and also for VPN service - and it is recorded for both cases. A VPN app downloads the data from internet (selected proxy server) and distributes it to local user apps and these data transfers appear in Stats database in both instances. There is a simple remedy - ignoring/forgetting traffic of the VPN service. Here's how to do it:

• Select the VPN service/app in Activity (which is easily identifiable by transferring same data amounts as all other apps together).
• In InfoView for the selected VPN click on Edit tags.
• Check Ignore traffic tag. You can read more about Tags in the Docs.

SurfShark

The VPN works great. From NetLimiter's point of view all remote IPs are visible and available, so all IP-based filters work as if the VPN was disabled. The SurfShark service responsible for connection to proxy server is named Surfshark.WireguardService (product version 5.5.1). - set a limit on it and you will throttle whole machine. Tagging this program with Ignore traffic will prevent stats doubling as described above.

NordVPN

This VPN works fine with NetLimiter. The name of the service responsible for data transfers is NordVPN (file name is nordvpn-service.exe, product version 5.17.5.0).

ExpressVPN

Same as SurfShark - real ip addresses are visible to NetLimiter. The name of the service responsible for data transfers is ExpressVPN Lightway Client (version 12.71.0).

/img/docs/vpn-expressvpn.png