Pangolin
Full tunnel VPN #2796
fenpaws
started this conversation in
Feature Requests
Full tunnel VPN
#2796
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Summary
Currently, Pangolin supports Zero Trust via VPN. This sets up a split-tunnel VPN to access internal resources. It would be a good idea to enable a full-tunnel mode, so all traffic from the client goes through Pangolin.
Motivation
This feature is important because a split-tunnel VPN only routes traffic intended for internal resources through Pangolin, while all other traffic goes directly through the user’s local network. This can expose clients to security risks, as external traffic is not subject to the same Zero Trust policies, monitoring, or filtering.
Enabling a full-tunnel mode would ensure that all client traffic is routed through Pangolin, providing consistent security controls, visibility, and policy enforcement across all network activity. This is especially valuable for users on untrusted networks (such as public Wi-Fi), as it reduces the risk of data leakage, man-in-the-middle attacks, and bypassing security controls.
Proposed Solution
This feature should be a simple option to switch between split-tunnel and full-tunnel mode.
Admins should be able to enable full-tunnel for specific users or groups. When it’s on, all client traffic (not just internal traffic) should go through Pangolin.
There could also be an option to exclude certain domains or IPs if needed.
It should be easy to enable in the UI, and users should be able to see when full-tunnel mode is active.
Alternatives Considered
No response
Additional Context
No response
Beta Was this translation helpful? Give feedback.
All reactions