Jump to content
Not connected, Your IP: 18.226.248.88
nuxt

Block all when not connected to VPN

Recommended Posts

Was going fine, i defined a block all in ESET NOD32 firewall. Allowed 85.17.207.151 on my "normal" profile where as everything else is blocked, this allowed me to login to the client with 85.17.207.151 set as the hosts file too.

However I cannot connect to any servers. I set the sweden 178.248.30.132 as allowed as well, but this did NOT remedy the problem. Once I've connected to the server, eset will change the profile to AirVPN which will then allow traffic again.

Any ideas on connecting to the actual server in my "normal" profile? (Automatic switching from normal: config_dhcpip zone to airvpn: dnsip zone)

Share this post


Link to post

hi Nuxt,

I've had all sorts of wacko problems with ESET firewalls, however not ever trying to connect with VPN services unfortunately.

I just had a thought that you probably need to add the 10.x.x.x rules both ways, as most firewalls it seems need that kind of thing for the tun or tap (on windows) traffic to go back and forth to the servers. The specs for which 10.x.x.x you need are here since it depends on ports and protocol you are using as to which 10 addies you'll need to use.

Hope that helps,

jz

Share this post


Link to post

Was going fine, i defined a block all in ESET NOD32 firewall. Allowed 85.17.207.151 on my "normal" profile where as everything else is blocked, this allowed me to login to the client with 85.17.207.151 set as the hosts file too.

However I cannot connect to any servers. I set the sweden 178.248.30.132 as allowed as well, but this did NOT remedy the problem. Once I've connected to the server, eset will change the profile to AirVPN which will then allow traffic again.

Any ideas on connecting to the actual server in my "normal" profile? (Automatic switching from normal: config_dhcpip zone to airvpn: dnsip zone)

Hello!

Please watch out: Serpentis entry-IP address is 178.248.30.131 (178.248.30.132 is the exit-IP address). Probably the root of your problem is there. No OpenVPN connections are allowed on the exit-IP address for your safety and security.

Kind regards

Share this post


Link to post

admin, that worked. Thank you. Very easy to set up a block all with profiles in eset!

Can you PM me all the entry-IPs for the servers you have? Thank you!

Share this post


Link to post

admin, that worked. Thank you. Very easy to set up a block all with profiles in eset!

Can you PM me all the entry-IPs for the servers you have? Thank you!

Hello!

Of course! Please send us a request through "Support"->"Contact us" form while you are logged in the web site with your premium account.

Kind regards

Share this post


Link to post

admin, that worked. Thank you. Very easy to set up a block all with profiles in eset!

Can you PM me all the entry-IPs for the servers you have? Thank you!

Hello!

Of course! Please send us a request through "Support"->"Contact us" form while you are logged in the web site with your premium account.

Kind regards

Got the list thanks. I have firewall to only allow a UDP port 443 connection to the VPN entry-IPs and that works great. However, logging into the airvpn client... is this TCP and Port 80? As I would like to limit it to just the needed ports/protocol.

Share this post


Link to post

admin, that worked. Thank you. Very easy to set up a block all with profiles in eset!

Can you PM me all the entry-IPs for the servers you have? Thank you!

Hello!

Of course! Please send us a request through "Support"->"Contact us" form while you are logged in the web site with your premium account.

Kind regards

Got the list thanks. I have firewall to only allow a UDP port 443 connection to the VPN entry-IPs and that works great. However, logging into the airvpn client... is this TCP and Port 80? As I would like to limit it to just the needed ports/protocol.

Hello!

It's a SSL/TLS connection to port 443 TCP. If you authorize indiscriminate connections toward port 443 TCP you might have leaks with a browser connecting in https, which will be able to establish a connection even when disconnected from the VPN, so you can permit outbound port 443 TCP only for airvpn.org IP address (85... if you use the secondary frontend, 212... if you use the primary frontend). Actually in our Comodo guide we just authorize anything to the secondary frontend.

Kind regards

Share this post


Link to post

admin, that worked. Thank you. Very easy to set up a block all with profiles in eset!

 

Can you PM me all the entry-IPs for the servers you have? Thank you!

 

Hiya, any chance you could describe how you configured it all in ESET? I'm struggling getting my head around what I do with all my existing rules before I moved to a VPN. Also how did you configure the profiles? Do they switch depending on whether you're connected to airvpn or not?  I've seen several examples of Comodo being configured like you describe, but I don't want to disable eset and start again with comodo..

 

Cheers.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...