How to Prevent An Automatic Reconnection to Avoid IP Leaks?
Hi there,
I have already submitted this question to the PIA helpdesk several days ago, but given the fact that it has not yet been answered, and in view of the interest it may harbor for other PIA users as well, I decide to ask it again in this forum so that they too could benefit from a public answer.
In a recent review of PIA, the author claims that its Windows client is suffering from serious security problems. "I discovered both IPv4 and IPv6 leaks during my testing results," he asserts.
https://restoreprivacy.com/private-internet-access-review/
Assuming that this reviewer is right, I would like to know how I can prevent the PIA Windows client from being automatically reconnected after a sudden VPN drop so that I have time to shut down all active applications and connections. After all, leaks during reconnection would make the protection provided by the killerswitch just seconds before completely useless... At least, that is what I, a computer illiterate, think...
Many thanks in advance for all your feedback!
I have already submitted this question to the PIA helpdesk several days ago, but given the fact that it has not yet been answered, and in view of the interest it may harbor for other PIA users as well, I decide to ask it again in this forum so that they too could benefit from a public answer.
In a recent review of PIA, the author claims that its Windows client is suffering from serious security problems. "I discovered both IPv4 and IPv6 leaks during my testing results," he asserts.
https://restoreprivacy.com/private-internet-access-review/
Assuming that this reviewer is right, I would like to know how I can prevent the PIA Windows client from being automatically reconnected after a sudden VPN drop so that I have time to shut down all active applications and connections. After all, leaks during reconnection would make the protection provided by the killerswitch just seconds before completely useless... At least, that is what I, a computer illiterate, think...
Many thanks in advance for all your feedback!
Comments
" In testing out PIA, I discovered that their VPN apps would leak IPv4 addresses during reconnection."
https://restoreprivacy.com/purevpn-vs-private-internet-access/
Now, if you want the OS to basically shutdown your network link, then I would recommend a fire wall that will shut down the Network side upon lose of VPN. Comodo I believe has that ability. I use Comodo, but only for one application. If the VPN link is lost that application stops working, period. Again, all is IMHO.
Thanks for your response... However, if you are right, then it would mean that all the talk about the kill switch does not make any sense at all...
From the webpage of Private Internet Access:
"The internet kill switch activates VPN disconnect protection. If you disconnect from the VPN, your internet access will stop working. It will reactivate normal internet access when you deactivate the kill switch mode or exit the application. "
Why does the PIA kill switch not work as described above so that a PIA user has the time and opportunity to manually shut down all active applications and connections himself? Is it not possible to disable the automatic reconnection after a VPN drop? As I said before, both the automatic reconnection and the leaks during the reconnection process seem to make the kill switch protection utterly useless...
Because OpenVPN does not have a "kill switch" perse, I installed and use Comodo Fire Wall. If it detects the TAP adapter has been disconnected, all internet activity stops until the TAP adapter is reinstated.
However, after a few hours, I saw that both adapters showed "Internet access" . I disconnected and reconnected PIA to get the Wi-Fi to show "No internet access".
I did nothing to the adapters. How could this happen?
while true
do
# wait 2 seconds
sleep 2
#verify VPN
UP=$(ifconfig tun0 | grep "UP")
if [ -z "$UP" ]; then
# disconnect ethernet connection
nmcli dev disconnect iface "$mieth"
#ifconfig "$mieth" down [this works but requires root priviledges]
echo " The VPN was not up. Ethernet connection has been SHUT DOWN. .. reenable it manually. Script exited at .. " $(date)
#" you can also re-connect with command -> nmcli con up id "name of connection"
zenity --error --text "VPN Appears to be Down!"
# exit the loop
exit
else
echo " ok- vpn up .. "
fi
done
If you disconnect the vpn manually it will delete the default route again, blocking access. There could perhaps be cases where the app fails and your wifi reconnects, in which case i suggest don't let your wifi connect automatically, then if it drops it shouldn't come back up. Another option would be to use task scheduler to trigger on event(wifi connects) and delete the default route(route DELETE 0.0.0.0 'ip of your wifi gateway here'). Or set up some polling interval as in the script above.
However, 1-2 time a day I note that the PIA app in the Win10 tray has a different IP, suggesting it is PIA that is "dropping" to change IPs. At these times, the connection often changes such that the WiFi adapter toggles between "No internet access" and "Internet access" -- which is what I am reporting.
Each time (no matter the state of this "toggle") I look at ipleak.net, I see no drop in VPN protection.