Skip to content

Provide network connectivity to WSL 2 when blocked by VPN

License

Notifications You must be signed in to change notification settings

bmayfi3ld/wsl-vpnkit

 
 

Repository files navigation

wsl-vpnkit

The wsl-vpnkit v0.3 script uses gvisor-tap-vsock to provide network connectivity to the WSL 2 VM while connected to VPNs on the Windows host. This requires no settings changes or admin privileges on the Windows host.

The releases bundle the script together with the binaries in an Alpine distro.

For v0.2, please see the v0.2.x branch.

Setup

Download the prebuilt file wsl-vpnkit.tar.gz from the latest release and import the distro into WSL 2. Running the distro will show a short intro and exit.

# PowerShell

wsl --import wsl-vpnkit --version 2 $env:USERPROFILE\wsl-vpnkit wsl-vpnkit.tar.gz
wsl -d wsl-vpnkit

Start wsl-vpnkit from your other WSL 2 distros. Add the command to your .profile or .bashrc to start wsl-vpnkit when you open your WSL terminal.

wsl.exe -d wsl-vpnkit --cd /app service wsl-vpnkit start

You can also check service status to start service only if needed.

wsl.exe -d wsl-vpnkit --cd /app service wsl-vpnkit status >/dev/null || \
wsl.exe -d wsl-vpnkit --cd /app service wsl-vpnkit start

Notes

  • Ports on the WSL 2 VM are accessible from the Windows host using localhost.
  • Ports on the Windows host are accessible from WSL 2 using host.internal, 192.168.67.2 or the IP address of the host machine.

Update

To update, unregister the existing distro and import the new version.

# PowerShell

wsl --unregister wsl-vpnkit
wsl --import wsl-vpnkit --version 2 $env:USERPROFILE\wsl-vpnkit wsl-vpnkit.tar.gz

Uninstall

To uninstall, unregister the distro.

# PowerShell

wsl --unregister wsl-vpnkit
rm -r $env:USERPROFILE\wsl-vpnkit

Build

This will build and import the distro.

git clone https://github.com/sakai135/wsl-vpnkit.git
cd wsl-vpnkit/
./build.sh
./import.sh
./test.sh

Optionally you may build with podman instead of docker (default) by overriding environment variable DOCKER:

DOCKER=podman ./build.sh

Using wsl-vpnkit as a standalone script

The wsl-vpnkit script can be used as a normal script in your existing distro. This is an example setup script for Ubuntu.

# download wsl-vpnkit
VERSION=v0.3.x
wget https://github.com/sakai135/wsl-vpnkit/releases/download/$VERSION/wsl-vpnkit.tar.gz
tar --strip-components=1 -xf wsl-vpnkit.tar.gz app/wsl-vpnkit files/wsl-gvproxy.exe files/wsl-vm
rm wsl-vpnkit.tar.gz

# place Windows exe
USERPROFILE=$(wslpath "$(powershell.exe -c 'Write-Host -NoNewline $env:USERPROFILE')")
mkdir -p "$USERPROFILE/wsl-vpnkit"
mv wsl-gvproxy.exe "$USERPROFILE/wsl-vpnkit/wsl-gvproxy.exe"

# place Linux bin
chmod +x wsl-vm
sudo chown root:root wsl-vm
sudo mv wsl-vm /usr/local/sbin/wsl-vm

# run the wsl-vpnkit script
chmod +x wsl-vpnkit
sudo ./wsl-vpnkit

Troubleshooting

Configure VS Code Remote WSL Extension

If VS Code takes a long time to open your folder in WSL, enable the setting "Connect Through Localhost".

Cannot connect to WSL 2 VM IP while connected to VPN

This is due to the VPN blocking connections to the WSL 2 VM network interface. Ports on the WSL 2 VM are accessible from the Windows host using localhost.

For this and other networking considerations when using WSL 2, see Accessing network applications with WSL.

Run in foreground

wsl.exe -d wsl-vpnkit --cd /app wsl-vpnkit

Try shutting down WSL 2 VM to reset

# PowerShell

wsl --shutdown
kill -Name wsl-gvproxy

Run service with debug

If you set DEBUG variable before calling service you can see more debug information

Example:

wsl.exe -d wsl-vpnkit --cd /app DEBUG=1 service wsl-vpnkit restart

About

Provide network connectivity to WSL 2 when blocked by VPN

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Go 55.3%
  • Shell 39.7%
  • Dockerfile 5.0%