Hey, I'm new to this board so I apologize if I miss any basic steps in this post.
So my phone is setup to run always on protonVPN with VoIP apps for my calls and texts. To make and receive calls reliably I have to split tunnel the VoIP app (Mysudo) and unfortunately some Google services. After this recent graphene update I can no longer use my VoIP app when the VPN is active. It appears the latest system update made the VPN settings much stricter.
Now I'm forced to keep my VPN off since running VoIP through the VPN makes calls and text highly choppy and unreliable.
So I suppose my questions would be:
Does anyone know if this issue with split tunneling is going to be resolved in the near future?
Is there a way to fix my situation with this current version of graphene?
Is there a way to revert back to the previous system release until another fix is implemented?

Thanks in advance!!

    Have you turned off Block Connections without VPN? Settings > Network and internet > VPN > Cog icon next to your VPN > Block connections

    "Block connections without VPN" is off. The only thing that changed from my previous settings was the last graphene system update. Then my VoIP app, which was split tunneled stopped working. From reading the release notes it states that they made the VPN security stricter. So it appears graphene is now blocking all connections without VPN even with the setting off

      I also use Proton VPN.

      Are you sure you have the right application and also the right IP allowed through?

        Yes, the only way I can get the VoIP app (mysudo) to work now is to turn off the vpn, or take it out of split tunneling. But then running it through the VPN make the call connections unstable and almost unusable.

        Here's the release notes from the latest update:

        Changes since the 2024080100 release: • prevent VPN apps from having leaks to non-VPN DNS servers while not yet strictly preventing leaks to VPN DNS outside the VPN tunnel due to multiple VPN apps including Proton VPN not connecting reliably with stricter enforcement (in a future release, we can do strict blocking by default with an opt-out toggle and a list of known incompatible apps such as Proton VPN until the compatibility issue is resolved) • GmsCompatConfig: update to version 126 • GmsCompatConfig: update to version 127 • Camera: update to version 73

          I don't use VPN regularly (and no MySudo) and therefore have no long-term experience. However, I have just tested ProtonVPN + split tunneling briefly - it works for me (GrapheneOS Build 2024080200 | ProtonVPN 5.5.27.0).

          That being said, i remember VPNs (and particular ProtonVPN) being mentioned in the latest release notes (Note I can't tell whether this is related to the problem you described- maybe someone more knowledgeable can clarify):

          https://grapheneos.org/releases#2024080200

          prevent VPN apps from having leaks to non-VPN DNS servers while not yet strictly preventing leaks to VPN DNS outside the VPN tunnel due to multiple VPN apps including Proton VPN not connecting reliably with stricter enforcement (in a future release, we can do strict blocking by default with an opt-out toggle and a list of known incompatible apps such as Proton VPN until the compatibility issue is resolved)

          See also (there, too, it was partly about VPN):

          https://grapheneos.org/releases#2024080100
          and
          https://grapheneos.org/releases#2024073100

          (Both releades only made it to alpha channel)

          Maybe its a new comparability issue with Mysudo? All I could figure out with my limited knowledge is after the latest graphene update Mysudo refuses to sign in or function correctly (if at all) when its split tunneled. Now I'm having to keep my VPN off so I can make and receive calls. Which is quite frustrating after all the work put into moving to this privacy model, that's been working correctly for 2 years now.

          Also, both protonvpn and Mysudo are updated to their latest release as well.

          In that case, as a temporary(?) solution, might I suggest downloading Wireguard configs and setting up the official Wireguard app instead. In order to do split tunneling in Wireguard, you select a server in the app and then the pencil icon in the top right to edit. Tap "All Applications" in the Interface section, select applications to split tunnel and then make sure to tap the Save icon in top right (where pencil was). Unfortunately there doesn't seem to be app-wide split tunneling, or an easy way to mass-edit servers (within the app at least).

            Dumdum I'm using the WireGuard with config files, but still I face the same same issue. Signal and Molly gives notifications saying checking for messages or you may have a new message. Then I need to disable VPN to get the messages. I started missing multiple signal calls also.
            Even before there updates I just got a notification as I have a missed call, but the phone never rang. But recently this issue became severe.

              Splitting_Headache

              Does anyone know if this issue with split tunneling is going to be resolved in the near future?

              There's currently no known issue. This is the first report we've had of any compatibility issue and someone else here says split tunneling is working for them with Proton VPN. Speeduser7533

              Is there a way to fix my situation with this current version of graphene?

              Use a different app or VPN setup without a compatibility issue, possibly due to app bugs.

              Is there a way to revert back to the previous system release until another fix is implemented?

              No, and it wouldn't make sense to do this as you'll be missing security patches and other updates.

              Splitting_Headache

              So it appears graphene is now blocking all connections without VPN even with the setting off

              DNS resolution was the only thing that was changed, and it was only changed to respect the lockdown setting. It shouldn't have any impact on split tunneling with lockdown off. It's possible that it does, but it wouldn't make much sense and seems to imply an existing Android bug exists. You should try reinstalling your VPN app.

                Dumdum you're no dumdum, that was an excellent temporary solution, thank you! And I think I almost prefer this lightweight wireguard app. Using this with split tunneling for mysudo is working correctly so far.

                I wouldn't call the issue solved yet since something is definitely wrong with the protonVPN app split tunneling after the latest update. If we can't solve the problem here, is there a way to submit this bug to a dev so they can take a look?

                Thanks again!

                  Splitting_Headache Proton VPN seems to have major issues unique to their app... Even if they're triggering an OS bug, they need to start fixing the unique issues with their app.