Overview
The Velatir desktop client is designed to coexist with corporate VPNs. It supports the common configurations that organisations use to route work traffic: split-tunnel VPNs, full-tunnel VPNs, and zero-trust agents. The mechanism differs between operating systems and the behaviour is documented in detail below.
macOS
On macOS, the desktop client uses Apple’s NETransparentProxyProvider system extension. This is the supported integration point for transparent proxies and it composes cleanly with VPN-style network extensions.
| VPN configuration | Behaviour |
|---|---|
| No VPN | Velatir intercepts and inspects AI traffic. All other traffic passes through unchanged. |
| Split-tunnel VPN (only specific routes via the tunnel) | Velatir intercepts AI traffic regardless of which route it takes. VPN-routed traffic to corporate resources continues to use the VPN. |
| Full-tunnel VPN (all traffic via the tunnel) | Velatir intercepts AI traffic and forwards it to the upstream over the VPN tunnel. Corporate-only AI resources remain reachable. |
Windows
On Windows, the desktop client uses a Wintun virtual adapter for traffic capture and binds its upstream connections to the most appropriate network interface on the device. The desktop client detects whether a VPN adapter is active at start time and adjusts its upstream binding accordingly.
| VPN configuration | Velatir upstream binding | Behaviour |
|---|---|---|
| No VPN | Primary physical network interface | Velatir intercepts AI traffic. All other traffic passes through unchanged. |
| Split-tunnel VPN | Primary physical network interface | Velatir intercepts AI traffic. Connections to corporate-only AI resources route via the VPN automatically when those routes are more specific than the default. |
| Full-tunnel VPN | VPN adapter | Velatir intercepts AI traffic and forwards it over the VPN tunnel. Corporate-only AI resources remain reachable. |
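
To show why the split-tunnel and full-tunnel rows bind differently, here is an added example (not Velatir's code) that models the decision with longest-prefix route matching. The route tables, adapter names and probe addresses are constructed, and this page does not document how the client detects a VPN, so the classification heuristic is an assumption.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    prefix: str     # destination in CIDR form
    interface: str  # adapter that carries the route
    metric: int     # lower wins between equally specific routes

# Constructed adapter names and route tables (assumptions, not Velatir output).
PHYSICAL, VPN = "Ethernet", "CorpVPN"
NO_VPN = [Route("0.0.0.0/0", PHYSICAL, 25)]
SPLIT_TUNNEL = NO_VPN + [Route("10.20.0.0/16", VPN, 5)]
FULL_TUNNEL = NO_VPN + [Route("0.0.0.0/0", VPN, 5)]
# Some VPN clients override the default with two /1 routes instead of a /0.
FULL_TUNNEL_HALVES = NO_VPN + [Route("0.0.0.0/1", VPN, 5), Route("128.0.0.0/1", VPN, 5)]

def select_route(routes, dest):
    """Longest-prefix match; ties go to the lowest metric."""
    addr = ipaddress.ip_address(dest)
    hits = [r for r in routes if addr in ipaddress.ip_network(r.prefix)]
    if not hits:
        return None
    return min(hits, key=lambda r: (-ipaddress.ip_network(r.prefix).prefixlen, r.metric))

def vpn_mode(routes, vpn_ifaces):
    """Classify the table as 'none', 'split' or 'full' (heuristic, assumed)."""
    if not any(r.interface in vpn_ifaces for r in routes):
        return "none"
    # One arbitrary probe per half of the IPv4 space: a full tunnel wins both.
    probes = ("64.0.0.1", "192.0.2.1")
    winners = [select_route(routes, p) for p in probes]
    if all(w is not None and w.interface in vpn_ifaces for w in winners):
        return "full"
    return "split"

def upstream_binding(routes, vpn_ifaces, physical):
    """Binding per the Windows table: VPN adapter only for a full tunnel."""
    if vpn_mode(routes, vpn_ifaces) == "full":
        return select_route(routes, "192.0.2.1").interface
    return physical

if __name__ == "__main__":
    for name, table in [("none", NO_VPN), ("split", SPLIT_TUNNEL),
                        ("full", FULL_TUNNEL), ("full /1", FULL_TUNNEL_HALVES)]:
        print(name, vpn_mode(table, {VPN}), upstream_binding(table, {VPN}, PHYSICAL),
              select_route(table, "10.20.5.9").interface)
```

In the split-tunnel table the corporate address 10.20.5.9 still resolves to the VPN adapter because its /16 route is more specific than the default, which is the condition the table above relies on.
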
VPN changes are handled automatically
The desktop client watches for network changes and re-binds its upstream connections when a VPN connects or disconnects, or when the device roams between networks. The rebind is debounced and backed by a periodic check, so a VPN state change is picked up within seconds without any user action. If you ever need to force a re-resolve, velatir restart (admin-only on Windows) is available as a manual fallback.
QUIC and HTTP/3
On Windows, Velatir selectively drops outbound QUIC (UDP/443) packets whose TLS SNI matches a known AI host (claude.ai, the OpenAI and Anthropic APIs, GitHub and Microsoft Copilot, Windsurf, and similar). This makes those clients fall back to HTTPS over TCP, where Velatir can inspect them. All other UDP/443 traffic — non-AI QUIC such as Google and YouTube, and shared Microsoft 365 endpoints — passes through untouched, so general browsing and VPNs that run over UDP/443 are unaffected. There is no blanket UDP/443 firewall block. On macOS, QUIC is not intercepted at all: the network extension claims only TCP/443 and TCP/80, so QUIC flows out over the normal path. AI clients on macOS reach Velatir over TCP.
Zero-Trust Agents and Cloud Proxies
Velatir is compatible with userspace zero-trust agents that operate at the application layer (browser plugin, OS-level agent that injects a system proxy, or similar). Such agents typically intercept traffic in a way that is orthogonal to the desktop client’s interception layer. If your zero-trust solution intercepts traffic at the same kernel layer as Velatir (for example, by installing a competing Wintun adapter or a competing network system extension on macOS), the two may conflict. Contact support before deploying alongside such a tool.
Verifying the Configuration
After install, run:
Next Steps
Troubleshooting
Resolve binding and interception issues.
CLI reference
The restart, status, and logs commands in detail.
Permissions
The Wintun adapter and macOS system extension explained.
Enterprise deployment
Roll out alongside corporate VPNs at scale.