pull down to refresh

Just a quick post so that someone might learn from my frustration. This morning my Graphene OS Pixel 7 lost all data connectivity. I tried everything I could think of to correct it. I use a proton on all the time VPN. After switching to my laptop, I discovered that I was logged out of my protonmail account. I tried to log back in, but I learned that my account was locked. After security checks and resetting my password my email account was unlocked. I remembered that the proton VPN uses the same login credentials, so I checked my pixel and the Proton VPN was also logged out. I logged in with the new credentials, and now my data connectivity was restored. It never occurred to me that the OS wouldn't allow me to use data without the VPN. I appreciate the added security, but can someone with more knowledge explain what I experienced?
Someone else mentioned it's in the settings. But AFAIK, graphene has pretty strong guarantees around no VPN leaks meanwhile Apple can't even promise that, they have holes. So it is a good feature. You just need to know how to occasionally stop it when it doesn't work for whatever reason.
Proton makes good products but the last thing I want to do is tie email data to VPN data. Separate it IMO. No account VPNs like mullvad or ivpn are great. You just have to worry about expirations.
reply
That's exactly what I was thinking. Not best practices tying email to VPN. I'm checking out Mullvad right now. Live and learn.
reply
Look at vpn.sovereign.enginneering if you want to go with mullvad. Operates over tor, creates a random ID, lets you pay over LN to fund the ID.
reply
Thanks for the heads up.
reply
Excellent advice.
reply
Sounds like you've got it working again. I've been using proton VPN for a while and had no probs.
Out of interest, have you ever looked into split tunneling? When you do, you can make some apps exempt from the VPN.
I'm all for that and using AFWall+ and displaying the VPN column via settings.
reply
I have never tried it. As @TonyGiorgio suggested, I am going to separate my VPN from email with Mullvad. Once I'm set up I'll look into split tunneling.
reply
Some VPN's have a kill switch to stop the internet if the VPN disconnects.
I like using it for privacy, but I remember having a similar experience & it took me a while to figure out that I had enabled the kill switch
reply
Thanks for writing this up. I'm considering switching, so it's good to have these accounts.
Have you considered writing it up on https://discuss.grapheneos.org/?
reply
Also, I definitely encourage you to make the switch. I really appreciate the added security and privacy. You dont give up much in the trade off. I have decided not to use any google apps, and I don't access the play store at all. There is a little convenience trade off, but I think it's worth it.
reply
Thanks for the kind words, but it looks like my problem wasn't graphene OS based. It was the protonVPN setting. I'm sure if could happen on any OS. I don't visit that graphene OS site often. Maybe I should.
reply
I tried to log back in, but I learned that my account was locked.
Can you go into detail about this? As a ProtonMail user this has never happened to me. What triggered it?
reply
It never happened to me before either. I don't have any more information than what I described earlier. I am contacting support.
reply
deleted by author
reply
Duh. Thank you. Simple enough. You know what? I'll leave it set as is. I like the added security, and I'll know if it happens again.
reply
deleted by author
reply
I have this same issue. It's infuriating. I'd be happy to have the feature on, but accessing locally hosted services is a must for me.
reply
Exactly.
reply
you won't be able to access them if you leave this feature turned on
You mean because you can't access your local area network? Since everything must go through the VPN?
Or why shouldn't it work?
reply
Not exactly sure, but it doesnt work while this feature is turned on.
reply
Where are you hosting your services?
reply
Local self-hosting, on a Raspberry Pi at my place.
reply
Then I am pretty sure that's the reason. You can only access stuff which is reachable from the VPN servers, which excludes local area networks.
So you need split tunnel or include them in your VPN somehow.
I use wireguard on my hosting machine. Do you know if that has a similar setup?
reply
deleted by author
reply
deleted by author
reply
Exactly. Thanks for the explanation.
reply
deleted by author
reply
Yes. That's my next issue. I use the same protonmail account on an old Ubuntu laptop, and apparently that's where the issue occurred. I guess there was some concern about suspicious activity. I'm still exploring that.
reply
deleted by author
reply
Thanks. I'm obviously still learning! Thanks for the nostr follow. I'll follow back when I log in.
reply