Allow Nothing But OpenVPN, Unless it's Down...

Okay… So, I’m thinking about subscribing to a VPN service that uses OpenVPN (not a business thing) that will route my interwebs traffic through it (like browsing and such). What I’m wanting to do is use Comodo Firewall to block everything that’s not using the OpenVPN connection when it’s active. I’m wanting to allow a single application, with very specific ports, to communicate when the OpenVPN is not active.

I would love to be able to have this application always just use my bare ISP straight forward connection and have everything else on my machine go through OpenVPN. It’s a game that I’m wanting to use the bare connection, for obvious reasons.

I hope you guys understand what I’m trying to do here. Anyway, I’m looking for what I need to set up (rule-wise and all) in the firewall to make this happen, one way or the other. I am also open to any other solutions that allow me to more elegantly address my needs. Thank you all greatly!

This post https://forums.comodo.com/firewall-help-cis/allow-connection-only-through-vpn-with-comodo-firewall-how-t46042.0.html;msg333001#msg333001 may answer what you’re looking for.

Yeah, that’s for a ‘business VPN’ or ‘boxed VPN’, not a service. I’d think the rules would be similar, but the whole DNS rule would be eliminated because the DNS would be offered through the VPN service; and instead of using the VPN IP address ranges, the OpenVPN port number would be used.

I was hoping for something more elegant than this though. With those rules, I have to completely disable the firewall and disconnect from the VPN when I want to do something outside the scope of the VPN. I was hoping someone knew a more elegant way to do this without having to possibly do either one of these, disconnect from the VPN or disable the firewall; or at the very least, not have to disable the firewall.