[SOLVED] VPN killswitch (prevent IP leakage)

[ihatemymonitor]

If my VPN loses connection I need to ensure my local IP is not leaked.

Setup:

-Win 7 VM

-VPN using SoftEther

-VPNCheck Pro (killswitch)

VPNCheck Pro closes my browser (Firefox) when my VPN goes down to prevent IP leakage.

However, I require a kill switch which will immediately stop ALL network traffic, not just close Firefox. This VM will be communicating with an API with a desktop client so VPNCheck pro would not work.

Any suggestions?

 

[ihatemymonitor]

If my VPN loses connection I need to ensure my local IP is not leaked.

Setup:

-Win 7 VmWare [Network Adapter: Bridged]

-VPN using SoftEther

-VPNCheck Pro (killswitch)

VPNCheck Pro closes my browser (Firefox) when my VPN goes down to prevent IP leakage.

However, I require a kill switch which will immediately stop ALL network traffic, not just close Firefox, OR just have all traffic forced to only travel through the VPN.

Any suggestions?

 

[SamirD]

Put a shortcut to ipconfig /release * ?

And put it in a batch file that is used to startup firefox so when firefox is shut down, the next line executes the ipconfig.

 

[ihatemymonitor]

Really not sure what you mean.

My goal is to force ALL traffic on my VM Workstation to go through its VPN.

 

[ihatemymonitor]

Goal: Force all traffic on my Win 7 VM to only go through my VPN.

My VM runs on a local PC (only VM will use VPN). I've custom desktop software in the VM communicating with an API so a killswitch like VPNCheck Pro wont work as it only closes your web browser if the VPN goes down.

Its mandatory that the VM cannot access the internet without the VPN. IP leakage absolutely cannot be allowed for security reasons. The API the VM is talking to can never see my real IP, only my VPN.

I need help on how to set this up. Do I change router rules? Make changes in CMD? Setup advanced firewall rules? How exactly do I do this? Can someone walk me through this?
If anyone has any extra time please feel free to PM me, as I understand it may take some time to set specific rules.

Setup:
-VPN provider: 24vc
-Win 7 VmWare [Network Adapter: Bridged]
-SoftEther VPN client manager (VPN software)
-VPNCheck Pro (killswitch)

 

[bill001g]

I know nothing about how your vm is setup but the way a vpn kill switch tends to implemented with a firewall or router is only allow the IP for the VPN server end point. You will have to adapt it to your vm.

Say the remote end IP address is 1.2.3.4. What you do is put in a rules that blocks all traffic except 1.2.3.4. You can also put in 0.0.0.0 route with a high metric to null or some other dummy IP. To be even more secure you would only allow the vpn protocols to 1.2.3.4 and nothing else. The routing method tend to have higher throughput than a firewall filter but when you talk vpn it may not really matter.

So this lets the VPN be established. The VPN will then inject a 0.0.0.0 route into the routing table that allows the traffic to run over the new tunnel. If the vpn fails the 0.0.0.0 route is removed. So now all traffic is either blocked by firewall rule or if you are using routing the higher meteric 0.0.0.0 route is placed into the routing table in place of the vpn and all traffic is discarded.