iCloud Private Relay testing and router based VPN

Is there any way to test the iCloud Private Relay for IP address security or DNS leaks?

I use a router based VPN and when I enable the iCloud Private Relay with my router based VPN active, my IP address is not secured and there are DNS leaks. When I disable the iCloud Private Relay, then my IP address is secured and there are no DNS leaks.

Apple claims all Safari web browsing and all DNS queries as users enter site names will be protected by the Private Relay.

Apple states Private Relay can be used alongside one's VPN. However, Apple also states traffic using a regular VPN will not be protected.

Am I the only one who is confused by this statement?

  • Correction: When I disable the iCloud Private Relay, then my IP address is secured and there are no DNS leaks.

  • Similar issue. iOS devices on my network are using the Private Relay, but the desktop macOS devices are not. The IP addresses of those machines are leaking.


Accepted Reply

A few things I wanted to mention here: first, a Network Extension based VPN such as a Packet Tunnel Provider, or even a device-configured VPN, will always take precedence over Private Relay. So any traffic that is going over the device-configured VPN or a Packet Tunnel Provider is not eligible for Private Relay. This is mentioned in the Note section of the Packet Tunnel Provider documentation. Next, on this point, if traffic on the system is not going through a device-configured or Network Extension VPN then it can be eligible for Private Relay.

Lastly, if there is a local network VPN that the device is not aware of, for example a VPN that is not running on the device, then the device would not be aware of this VPN and the traffic on the device would be eligible for Private Relay, unless the user disables Private Relay on that specific network.

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
  • Thanks Matt, I just noticed this morning that there are two areas for the iCloud Private Relay on my Mac. 1. In System Preferences>Apple ID>Private Relay and 2. System Preferences>Network>Wi-Fi>Use iCloud Private Relay.

    Disabling the "Private Relay" in the System Preferences>Apple ID allows my VPN to secure my IP address with no DNS leaks. And, the Wi-Fi setting "Use iCloud Private Relay" is active. So it's a little confusing as to the difference between the Apple ID>Private Relay setting and the Network>Wi-Fi>Use iCloud Private Relay.
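
The precedence rules from the accepted reply, turned into a check against what an IP/DNS leak-test page reports (an added example, not part of the original thread and not Apple's code). The address ranges are constructed documentation blocks, the function names are hypothetical, and it assumes the tester supplies their own ISP, VPN and Private Relay egress ranges and is testing traffic that is eligible for Private Relay.

```python
import ipaddress

# Constructed sample ranges (RFC 5737 documentation blocks), not real networks.
NETS = {
    "isp":   ["192.0.2.0/24"],     # addresses your ISP assigns
    "vpn":   ["198.51.100.0/24"],  # exit addresses of your VPN provider
    "relay": ["203.0.113.0/24"],   # Private Relay egress ranges you supply
}

def classify(addr, nets=NETS):
    """Return which known network an address belongs to, or 'unknown'."""
    ip = ipaddress.ip_address(addr)
    for label, cidrs in nets.items():
        if any(ip in ipaddress.ip_network(c) for c in cidrs):
            return label
    return "unknown"

def expected_path(device_vpn, relay_enabled, router_vpn):
    """Precedence as described in the accepted reply."""
    if device_vpn:        # device-configured / Network Extension VPN wins
        return "vpn"
    if relay_enabled:     # a router VPN is invisible to the device
        return "relay"
    return "vpn" if router_vpn else "isp"

def assess(egress_ip, resolver_ips, device_vpn, relay_enabled, router_vpn):
    """Compare what a leak-test page reported with the expected path."""
    want = expected_path(device_vpn, relay_enabled, router_vpn)
    seen = classify(egress_ip)
    findings = []
    if seen != want:
        findings.append(f"egress {egress_ip} is {seen}, expected {want}")
    for r in resolver_ips:
        if classify(r) == "isp" and want != "isp":
            findings.append(f"resolver {r} belongs to the ISP (DNS leak)")
    return want, seen, findings

if __name__ == "__main__":
    # Constructed observation: router VPN on, relay on, no VPN on the device.
    print(assess("203.0.113.7", ["203.0.113.53"], False, True, True))
    # Same setup, but the test page saw the ISP address and ISP resolver.
    print(assess("192.0.2.10", ["192.0.2.53"], False, True, True))
```

With a router-only VPN and Private Relay enabled, a test page showing a relay egress address instead of the VPN provider's address matches the expected path rather than indicating that the ISP address is exposed.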


Replies

@meaton iCloud Private Relay is giving users a false sense of security if there are no settings to enforce its use. (i.e. no Safari if iCloud Private Relay is not available)