[Solved] Killswitch question

edited June 2018 in Windows VPN Setup
If I enable the killswitch option I lose the ability to connect to the machine via RDP from my local network.
I have no problems with the option turned off.
Has anyone got a workaround for this?

Comments

  • edited June 2018
    Open the Windows command prompt (cmd) and type route print to view your routing table; you will see the difference before and after the VPN connects. Notice that the default route (0.0.0.0), 'anywhere' via your gateway (router? IP address), is deleted by the killswitch action. This will prevent leaked connections to the internet but also access to your local network. Perhaps adding a specific route to your LAN/host would help.
    You could check using the ping command to confirm whether a certain (host) IP can be reached.
    Search for how to add persistent routes (run the command prompt as admin to make changes to the table).
  • Hmm.. Thanks, I'll take a look.
  • edited June 2018
    After much fiddling, I found that:
    Ping worked fine
    Network folder shares were all visible
    Local Webserver was accessible (edit - no it wasn't, so updated firewall for that too)
    Just RDP not connecting.

    Disabled the public side of the firewall and off it went.

    Soooo..
    I have enabled Remote Desktop (TCP In) for public networks in the advanced firewall Inbound rules.
    I edited the scope so that only local address ranges are allowed. (192.168.1.0/24)

    I can't see there being any security issues with this if only local LAN addresses are within scope - can anyone else?
  • Good work. That would prevent external login attempts. Don't forget the basics, strong passwords etc.
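
The fix reached in this thread, written out as an added PowerShell example (not code from any poster): it audits which enabled Remote Desktop inbound rules apply to the Public profile and with what remote scope, then adds a separate allow rule limited to the LAN range. Assumptions: an English-language Windows install (the 'Remote Desktop' rule group name), RDP on the default TCP port 3389, the 192.168.1.0/24 range from the thread, and a rule name made up for this example.

```powershell
# Added example. Run in an elevated PowerShell session on the machine you RDP into.
$LanScope = '192.168.1.0/24'        # LAN range quoted in the thread; adjust to your network
$RuleName = 'RDP-In-TCP-LAN-Only'   # hypothetical rule name, chosen for this example

# 1. Which firewall profile is each connected network using? With the killswitch
#    active, the LAN adapter may be classed as Public, so Private-only rules do not match.
Get-NetConnectionProfile | Select-Object InterfaceAlias, Name, NetworkCategory

# 2. Audit: enabled inbound Remote Desktop rules that apply to the Public profile,
#    with their remote address scope. OpenToAny = True means no source restriction.
Get-NetFirewallRule -DisplayGroup 'Remote Desktop' -ErrorAction SilentlyContinue |
    Where-Object {
        $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' -and
        ("$($_.Profile)" -eq 'Any' -or "$($_.Profile)" -match 'Public')
    } |
    ForEach-Object {
        $remote = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Profile       = "$($_.Profile)"
            RemoteAddress = $remote -join ','
            OpenToAny     = ($remote -contains 'Any')
        }
    } | Format-Table -AutoSize

# 3. Add a dedicated allow rule for RDP on the Public profile, scoped to the LAN only.
#    This leaves the built-in rules untouched instead of editing their scope.
if (-not (Get-NetFirewallRule -Name $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -Name $RuleName `
        -DisplayName 'Remote Desktop (TCP-In, LAN only)' `
        -Direction Inbound -Action Allow -Protocol TCP -LocalPort 3389 `
        -Profile Public -RemoteAddress $LanScope | Out-Null
}

# 4. Confirm the scope that was actually stored for the new rule.
Get-NetFirewallRule -Name $RuleName |
    Get-NetFirewallAddressFilter |
    Select-Object LocalAddress, RemoteAddress

# 5. From another machine on the LAN, check reachability of the port
#    (replace the placeholder with the RDP host's address):
#    Test-NetConnection -ComputerName <rdp-host-ip> -Port 3389
```

Any rule the audit in step 2 reports with OpenToAny set to True on the Public profile is broader than the LAN-only scope described in the thread and is worth narrowing or disabling.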