Unable to use Roon Core with VPN

Roon Core Machine

Windows 10 \ Ryzen 5 \ 16 gb

Networking Gear & Setup Details

Connected Audio Devices

Number of Tracks in Library

Description of Issue


I use latest Roon Core on my Windows 10 machine with a USB-DAC. I use NordVPN.
When I turn the VPN off completely, I can see all the audio devices including DAC just fine.
When I turn the VPN on I see no audio devices. I’ve added Roon.exe and RAATServer to the split-tunneling which does work for any other app, but have no effect here. I’ve also added Roon and RAATServer to the firewall exception.

This is extremely frustrating and I have to use the VPN. What are my options here?

My assumption that it has something to do with DNS resolving, however I guess it’s not possible to configure per-app-DNS via VPN software.

I can easily use Roon over VPN to my iDevices. There are several solutions for this. You may search the forum.

What solution besides split-tunneling, which is not working, would you suggest?

I’m not familiar with split tunneling. But I assume you like to access Roon from a remote location. My reason to utilize VPN, as to access Roon in my car, and stream through my iDevices using the Apple CCK and a small USB DAC. (The Cobalt).

For this I use the firewall iPfire, which also serves as my DHCP server. ( iPfire seems to support split tunneling)

The iPfire require separate HW, but can also be utilized as a virtual machine depending on your skills.

I see, that is actually on the contrary - I’m trying to access Roon locally, on a laptop. And with VPN turned on, I can’t access any audio devices in Roon, including laptop speakers, which are not only local, but in fact are the part of the laptop and probably should not require internet to be accessed.

Will this do the trick?

I’m using stock WireGuard macOS app with a Mullvad VPN subscription. I was surprised to see Roon working even when the VPN is active.

@The_User It seems that NordVPN also supports the Wireguard protocol. In their app it’s called NordLynx. Perhaps worth a try?

I have this issue with my work Mac it only sees audio devices with the VPN off. I have to use VPN for work and have no control over the software but it is split tunnel as I can see the rest of my home network via it and internet is via my home connection not via VPN.

Thanks for the replies, I did some additional research and apparently this is indeed the issue with the split-tunneling not working correctly in NordVPN, as I assumed it is the DNS issue:

The issue is related to Windows not being able to split the DNS requests. Even though the applications are using a non-VPN tunnel for the connection, the DNS requests are still going through the VPN tunnel for security reasons.

However, regardless of the issues with dns, for a music player not being able to play local music locally without the internet is terrifying, it’s just awful decision design-wise.

Maybe someone from the team can explain to me, why Roon on my laptop needs internet to access build-in speakers?

I have the same issue. This a terrible design decision from Roon. I am getting more frustrated each time things like this pop up. Roon needs to be incredibly user friendly and it simply isn’t too many times.

Still no reply from Roon support on this horrible oversight in their software. Just wow.

You can read this thread for official statements:

Some threads about working VPN setups can be found in the #tinkering section of this forum.

Sounds like NordVPN is blocking local LAN access, especially via multicast discovery pkts.

I’d look into a VPN that doesn’t do that. I use Tailscale, which is quite possibly the easiest and most powerful VPN, while also not breaking things. Note that it’s also true VPN software, not a shady service provider that is probably selling your data.

It is NordVPN. So not some junk VPN service. It is setup properly. The rest of my programs can access the network just fine. Roon is the only software that is not acting properly.

I have some input from NordVPN. They suggest that you try “Enable VPN for selected apps only” and add whatever you need there.

Give that a shot and let us know how it goes.

Hello Danny and thank you for your replies.

First of all, I have to mention that I really like Roon’s clean interface and metadata fixing features, that is why I care about your software.

Second, NordVPN is the largest VPN provider on the market, judging by the number of installs and 3 branded search terms results, saying it’s shady is like saying Apple is some shady phone company.

Regarding your other claim, they reside outside Five Eyes or Fourteen Eyes jurisdiction and have no-log policy, it’s one of the best VPN providers on the market privacy-wise.

Regarding Tailscale, where I live some VPNs are blocked and NordVPN has advanced features like Obfuscated VPN, which I know for sure work for my scenario. Switching VPN provider requires a lot of research and testing, time commitments I’m not ready to do for a single service.

Speaking of which, Roon is the first program that had problems with VPN among all the software I have on my phone, tablet and a laptop, in more than 3 years of using VPN services.

Third, you’ve provided technical explanation why it’s failing, however it doesn’t contradict that the architecture is awful. Using the web for the internal speakers is borderline insane.
I’m not a programmer, however I’ve came up with a piece of code that you may want to pass to the team:

if device.type = internal
than set playback.type = local

And finally, setting “Enable VPN for selected apps only” is working, yet it is very combersome to use.

That is exactly what is doing. The VPN is interfering with internal local playback in many cases. Even Nord suggested a work-around for this because they understand that it interferes, and if you reverse the rules, it doesn’t.

Thank you, I see now, I wouldn’t have been that bitter in my response knowing that, on the surface it seems that internet and audio interfaces shouldn’t be connected, yet they apparently are.