ANSWERED Blocking non-VPN traffic with Windows Firewall

[migbot 0]

I have tweaked the backup function so you don't actually have to press Y or N.

 

There is an error in my script that I have fixed (was something I never really tested properly).

 

Use the updated script in the first post.

 

Works perfectly!!!

 

Thanks!!

[migbot 0]

 

I have tweaked the backup function so you don't actually have to press Y or N.

 

There is an error in my script that I have fixed (was something I never really tested properly).

 

Use the updated script in the first post.

 

Works perfectly!!!

 

Thanks!!

 

How hard would it be to change the script to allow certain connections (say Plex remote) to use a non VPN route, while everything is else remains routed through the VPN? Is it just a firewall rule?

 

Thanks!

[zhang888 1066]

This depends on how many different addresses your service uses. Best way to estimate

would be connecting to the service from a clean machine and inspecting the outgoing connections.

[migbot 0]

This depends on how many different addresses your service uses. Best way to estimate

would be connecting to the service from a clean machine and inspecting the outgoing connections.

 

My plex server resides on the same machine running the vpn and is accessible through a defined port. The various clients could be at any random address, depending on which network they are on. The problem is that directing the traffic from plex through the VPN does not provide enough bandwidth for streaming at 10+ Mbps.

 

Couldn't any outbound connection coming from the specified port be directed through a non-vpn route?

[Omniferum 9]

You can just add an 'allow' rule for the .exe to do whatever it likes or limit its IP/PORT access. The windows firewall does allow for program-specific configurations.

 

MAIN SCRIPT HAS BEEN UPDATED BECAUSE I MADE A STUPID MISTAKE.

 

I've made this as idiot-proof as possible now and, well, I doubt there are really gonna be anymore updates.

 

Still working rock solid for me.

 

Hope it is still out there helping people.

[maggie 0]

Hey,

 

There is something that I really cant figure it out how to solve... How to block all non-VPN traffic if I choose to connect to internet via a 3G USB modem (aka 3G/4G dongle)? The AirVPN client's default Network Lock can't block it neither. Any help and suggestions would be highly appreciated.

 

By the way, thank for a great script - works flawless for ethernet connections.

[Omniferum 9]

I suspect the problem is this line: wmic nic where PhysicalAdapter=TRUE get netconnectionid /format:csv

 

wmic nic where PhysicalAdapter=TRUE get netconnectionid /format:csv -> wmic nic get netconnectionid /format:csv

 

Basically if you remove this exact string (it occurs twice in the script, remember to change both!): PhysicalAdapter=TRUE

 

You can just search/replace in any text editor.

 

Please note that it is a suggestion and not a concrete answer as don't know what else your 3g modem does. If it has its own connection software then maybe there is an issue there but my guess is the best I could make given my skills and knowledge.

[Omniferum 9]

Actually if that suggestion DOESN'T fix it I would appreciate the output of the following command pasted here so I could check.

 

wmic nic get netconnectionid /format:csv

 

You can copy and paste that into any command window.

[nekrasof 0]

Hello! I've faced with error while running script. Could you please be so kind and give advise how to fix this problem ?

 

log from script is bellow

 

Sanitizing and configuring your network adaptors

------------------------------------------------

 

­apter... '­apterdnsprimary primary validate' is not a valid argument for this command.

The syntax supplied for this command is not valid. Check help for the correct syntax.

[Omniferum 9]

Fixed up a bit of the code. Working on Win11 still.