VPN disconnect safeguard

Is it possible to create rules that will shut down specific programs, particularly my torrent client, if my (open) VPN disconnects unexpectedly, or is there a better method? Programs like VPNetMon and VPNCheck don’t appear to work with open VPN (or I may have misunderstood this).

Any help really appreciated :-TU.

VPNCheck works for me :-\

I was looking for a free solution. Its website says open VPN only available in pro version.

OH! Yes, I actually purchased it myself so that could be why.

I do not know whether it’s possible with CIS or CFW though if it is then I don’t know how to do it, sorry :-\

Thanks anyway

This guide was written for CIS 5.x but still works for CIS 6

It allows you to block all non VPN traffic on a per application basis :-TU
ideal for your browser, Utorrent etc

Thanks a lot. Creating the original rules for my torrent client was pretty straightforward but this looks a little too complex for my liking. Would like a more idiot proof explanation. Does anyone know if VPNetMon works with open VPN?

Edit: just about getting my head round it

Update: Point D is complete gibberish, presumably because the guy’s referring to an older version of Comodo. Also, it says all other rules will be removed, and you’ll have to improvise!!!. As it’s a torrent client, what do I do about the original application rules I created? Any help would be appreciated :-TU

See if this makes any more sense - Prevent leaks with Windows & Comodo

Thanks a lot Radaghast. Really appreciated. They do seem unnecessarily complex (lots of waffle and not very clearly written either) for what I’m trying to do though, which is just to shut down one application, my torrent client, if my VPN disconnects.

I’d really appreciate your opinion on these instructions, which seem far simpler and clearer, and appear to work, despite the warning at the top which says they probably won’t:
http://support.nvpn.net/Knowledgebase/Article/View/382/0/how-to-force-an-application-to-only-use-the-vpn

When I disconnect from my VPN, so does my torrent client. When I reconnect, so does my client. All of your rules which I previously created for my client https://forums.comodo.com/firewall-help-cis/utorrent-problems-t70329.0.html;msg500592 have disappeared, as the instructions say

In fact, I used rules A to C from treefrogs link, and then the 2 application rules from my link above, because application rule D in treefrog’s link is difficult to follow because it relates to an older version of CF that I am unfamiliar with. If what I’ve done is wrong, can you please let me know?

Finally, for CF version 5, should Rule D in treefrog’s list read:

  1. … Application Rules
  2. Select desired application
  3. Under Network Access Rules, select ‘Use A Predefined Policy’
  4. Select the VPN
  5. Apply etc

If you can confirm this is correct for rule D, then I’ll replace the other 2 application rules I used with it.

Also, I’m a bit concerned that security via my torrent client isn’t as good now because all the above methods automatically remove your torrent client rules. Is there a method that can combine them with the VPN disconnect switch off rules?

Thanks!

Still waiting for a reply to my previous post.

Yes, VPN Watcher from UGD software ; free version will turn utorrent OFF if VPM is lost and ON again when VPN is active; paid version will suspend utorrent if VPN is lost.Is only 9$.

Claudiu

Thanks for the info. Unfortunately it only checks for connectivity every 1 second, which seems fast, but a similar program, VPNetMon, checks every 500ms or every 100 ms, and users have said their true ip address has been visible for a fraction of a second on the longer of these settings, 500ms, which is still quicker than VPN Watcher. Really appreciate the help though :-TU

Hi,

I ping one of my VPN servers (in Europe) and , from Canada I got 137ms , so most likely less than 500ms is not advisable, the server doesn’t have time to answer and your app (utorrent) will get suspended very often.

Claudiu

Thanks a lot Claudiu. I may go ahead and use VPN Watcher.

Does anyone know if VPNetMon works with open VPN? Of course, info on any other programs that do a similar job would be appreciated.

In the meantime I would still appreciate a reply to my 11 February post above.

Hi
VPNetMon does work with OpenVPN however you can achieve the same VPN security with CFW

maybe this helps - in my case my VPN provider is Anonine

[attachment deleted by admin]

thanks a lot tf. Using 5.12 so the UI is unfamiliar to me. I guess this is rule D in the guide you linked on 10 Feb (which itself was written for version 4x, hence my question regarding rule D in my 11 February post). So Ruleset in 6 is what was referred to as predefined policy in 5.

Also, as I said in my 11 Feb post, has my torrent client security been compromised because rule D removes all other application rules? :-TU

Yeah predefined policy’s are now referred to as rulesets
I used the same guide in 5.x also which probably helped me make sense of it pretty easy in version 6.x
To be honest if you have completed steps A, B and C your almost done :-TU
Step D should be straight forward - especially if you follow the screenies I posted…

If I can help anymore though just ask :slight_smile:

Yep, A B and C were never a problem. D very straightforward - just select my VPN from the drop down predefined policies list.

Just been testing my torrent client by disconnecting my VPN. I’ve noticed the data being d/loaded doesn’t stop immediately, but it gradually reduces to zero over about 15 seconds or so. Is this quite normal?

Thats it
To test it I set my browser for VPN only connections then disconnect from the VPN then try to visit any web page - if all’s good then you should not be able to connect to the web.
I also have CFW set to custom with alerts set to high and create rules for safe applications checked which enables a popup for every web connection attempt so I can decide what rule I want set for each connection but crucially rules are created so after a short while the number of FW popups decreases.
In theory this set up will alert to any malware trying to phone home as all new and unknown connecction attempts create a popup.

I think I’ll stick with safe mode for now. I was just wondering about my torrent client not appearing to stop d/loading immediately when I disconnect my VPN but I guess that’s just normal.