The rules required to make your VPN work will of course depend on your VPN. Depending on your VPN configuration and your needs, you may want to restrict that as well, and just allow access to the IP of your VPN server.
USE LITTLE SNITCH FULL
If all goes well, you now have full internet access: One for all applications owned by you, and one for all system applications: Go back to the rules window, and click "New". Choose "VPN & Safe Networks":įinally, now that the association has been made between the VPN network and the VPN profile, we need to restore access to all applications. So we need to create a few rules for that.Īt this time, the VPN won't be able to connect, but since we activated Silent Mode, the connection attempts will appear in Little Snitch and we can create new rules:Īs soon as the rules are created, the VPN connection will succeed and you will be prompted with the familiar dialog. We succeeded in stopping access for all applications, but the truth is: the VPN itself needs access. That's what we wanted :) Let's now configure the VPN. Since the default rules do not explicitly allow any connection, and we have set "Silent Mode" to "Deny", we basically lost internet access: If you are at an unsafe location, or if you simply prefer to have VPN activated at all times, select "Deactivate Active Profile": If this your home connection, you could choose the newly created VPN profile. Let's simplify the view a bit by hiding disabled rules:įirst, we need to enable "Automatic Profile Switching":Īnd now Little Snitch wants you to choose a profile. When you are done, your rules should look like this: Incoming connections (though it's safe to disable those as well).You may get a few warnings, but just go ahead and do it anyway (you can always restore the factory defaults later). So let's start from an empty environment.ĭelete or disable all the rules. They are mostly harmful, but if you are worried about your privacy, it can't hurt to be cautious. Little Snitch comes with a couple of default rules. Little Snitch has a tendency to be a bit verbose, and will pester you with questions as soon as any application attempts a connection, which can rapidly get annoying.įortunately, there is a "Silent Mode", which will automatically allow/deny any connection, and offer us some peace while we work on the configuration. Step 2: Stop the filter and switch to silent mode
We are going to use this feature to provide unrestricted access to the internet when connected to a VPN, and automatically cut off access as soon as we are disconnected (or before we are connected). One of its greatest features, introduced in version 3, is "Automatic Profile Switching": the ability to automatically apply different rules depending on which network you're connected to. Little Snitch is a firewall that allows you to control connections
Let "Automatic Profile Switching" do the rest.Create a "VPN" profile that allows all connections.Modify rules in default profile to deny all connections.Private Internet Access as an example, but this applies to any VPN connection, on any network. This article presents a simple technique that allows you to force internet access through a VPN when using unsafe networks. There are a couple reasons why you would want to access the internet through a VPN: your work requires it, you regularly work from open Wifi networks, at hotels, coffee shops or libraries, and you want to prevent eavesdropping. Using Little Snitch to prevent internet access without VPN