How to prevent computer from accessing internet if your VPN crash.

[stellla]

Ok,this is really small thing,but this thing can save you ass BIGTIME,there were few times when my VPN crashed and my real net was pinging all websites while it was reconnecting,and this is VERY VERY BAD thing,or some other softwares leaks or whatever,its big mess.I didnt wrote it myself,it will be copy paste from lampeduza,enjoy and be safe.

To make long story short and reasons for using Comodo Firewall behind, let me get straight to the topic.

Now everyone is using VPN these days, no matter what It is PPTP, L2TP, OpenVPN or anything else. The problem occurs when connection is dropped and you're fully exposed. In order to prevent that kind of a situation you need to completely block all non-VPN traffic using firewall (Comodo in this case, but works with any other firewall as well). You've got to create the following global rule by doing the following:

Comodo Firewall -> Firewall -> Network Security Policy -> Global Rules -> Add

Action: Block
Protocol: IP
Direction: In/Out
Source Address: Network Zone - (You Internet Access zone, ex. home #1)
Destination Address: Exclude - IPv4 Single Address - Entry address of server

Now the Entry address of server would be the remote IP of the VPN server you're connecting to. OpenVPN for example will reflect that IP in *.ovpn config file under "remote" string.

Small, but highly important add-on to your security.

 

[str4ng3r]

I got the same result by patching my DNS leaks for when I go DEEP undercover. Now I can't get on the internet unless my VPN is on, lol!

 

[wdc]

Hi,

Please, Log in or Register to view quote content!

Mind sharing how you did that?

I used above tutorial and it works, thanks alot for sharing.
But i have some issue while using OpenVPN to one server and also at same time using Shadowsocks to connect to another proxy server which i set as a System proxy.

This way i have IP of shadowsocks server, but the Apps/System that refrain using shadowsocks connect via OpenVPN.

So i created second rule (one position above rule mentioned in the first post of this topic) to Allow IP In or Out from Network Zone #myzonename to My OpenVPN server IPv4.

And so it works that i connect my browser via shadowsocks server (one IP) and for example SCP/FTP sclient or PuTTy via openvpn server (second IP). Virtualised OS via Virtualbox also works and it got IP of my OpenVPN server BUT when i try rsync from remote server to virtualbox, then it fail with COnnection timeout. My Comodo firewall logs Blocked connection from my private IP 192.168.2.13 to 10.8.0.2 (openvpn server ip) port 137

How to go around this please?

 

[wdc]

Im replying to my previous message. The issue was with that Virtualbox machine OS, when i created new machine with different OS (Kali in my case), then connections worked.

 

[psner]

i guess even VPN does have an VPN KILL SWITCH
besides that, you can block your network connection as well, as the vpn network card is used
you can also cascade your connection wth 2 vpns, and or add a proxy on top. Use proxifier to simply avoid connections besides the proxy

 

[Xp2018]

best tip you will get: use whonix for your privacy (based on tor)

 

[Gr33nF0x]

I have gratitude overload! THANKS!

 

[kopite]

helpful thnx bro

 

[lockyluchiano]

Great share man... let me see

 

[Able_Age_9269]

thanks for this share bro!