Manual VPN Killswitch, App crashes and exposes my ip
With windows 7 and the older vpn clients, with the killswitch enabled it would completely ruin the internet connection even if the app was closed or crashed. With windows 10, it appears that the connection is reset and aquires all information automaticly in the event of an app closure or crash.
My issue is that I left the computer on overnight and at some point the PIA app crashed and the computer revereted to my main connetion, therefore exposing me. Bummer. In the past I could go in and configure the main ethernet connection with invalid ips, gateways, subnet masks ect and if the client failed, then the main connection would not be configured correctly and have no connection. With windows 10 however if the app crashes or closes it seems to reset all values to obtain these values automatically no matter what I set them to and re establishes my connection.
Is there a way to completely disable/misconfigure my ethernet connection in the event of a pia client crash? Thanks.
My issue is that I left the computer on overnight and at some point the PIA app crashed and the computer revereted to my main connetion, therefore exposing me. Bummer. In the past I could go in and configure the main ethernet connection with invalid ips, gateways, subnet masks ect and if the client failed, then the main connection would not be configured correctly and have no connection. With windows 10 however if the app crashes or closes it seems to reset all values to obtain these values automatically no matter what I set them to and re establishes my connection.
Is there a way to completely disable/misconfigure my ethernet connection in the event of a pia client crash? Thanks.
Comments
1. Create an outbound and inbound rule selecting in the rules to apply to "All Programs", select in the rule to "block the connection".
2. Open a windows admin command prompt and find the IP address (using command 'ipconfig/all') for your main connection interface (not the tap adapter) or any other connection interface that is not native to windows (for example, 'Intel...NIC adapter' 'Linksys Wireless....' and get the IP addresses for these too). On the scope tab of each rule created add the IP address of the main connection interface (and the others except the tap adapter) in the box for "local IP addresses'. If the IP address is not a private IP address you will need to add sub-netting. For example, if the IP address is a public IP and assigned from the ISP and it is 75.71.75.223 then the IP address you will enter on the scope tab will be 75.71.75.0/24. If the IP address is a private IP address, for example, 10.2.3.4 then just use that without any sub-netting. Then in each rule add IPv6 addresses (if you have them) by using the first four of the IPv6 address assigned to the main connection interface (and others), for example, if the first four is 2601 then add this in the rules > 2601::1 > in the same place on the scope tab under 'local IP addresses' you added the IPv4 address, then add these also > 8001::1 and ::1 in that same place. Do this for both the inbound and outbound rule
3. Give the rules a name and apply the changes, all done. Then test it by connecting to VPN, you should be fine and able to surf/use the internet, then disconnect the VPN and you should not be able to surf/use anywhere and any programs you had connected doing stuff should stop transferring traffic (thus no real IP exposure).
Note, the method modification stops all traffic when the VPN disconnects. You can tailor it to specific applications by changing the rules from "All Programs" to specific programs, with one program per rule. It works by blocking traffic to your main connection interface but when the VPN is connected it will use the VPN tap adapter. Effect is instant upon actual VPN disconnect, thus not exposing your real IP address.