VPN kill switch via static route?

By DarkHorizons
in Smart Home, Network & Security

 Share

Recommended Posts

Enthusiast

DarkHorizons

Posted
Posted (edited)

Hi,

 

I'm currently using OpenVPN AS on a VPS, when the VPN drops is it possible to stop all traffic in/out via my private IP by using a static route to my VPN server and not setting a gateway on my windows network adapter? I basically only want traffic going through my VPN and my internet isn't the best and tends to drop for a moment a few times a week. I have a look at some other solutions such as firewall rules but they seem quite messy.

Link to comment
https://www.neowin.net/forum/topic/1282738-vpn-kill-switch-via-static-route/
Share on other sites
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

Are you running the client on your box or is a router connection? 

 

If on your computer and you don't set a gateway on your PC, and only have a route to the IP or network of your vpn server, then sure it would not be possible for your computer to go anywhere other than the vpn, if that was down then only the local network would be reachable.

 

If vpn is on your router then you could limit traffic to only through the vpn through some basic firewall rules and or policy based routing.

  • DarkHorizons
  • Like 1
Enthusiast

DarkHorizons

Posted
  • Author
Posted (edited)

I'm running the VPN client on my local machine, the VPN server is outside of my network. I'm not quite sure on how I'd need to set the route though.

 

Say my LAN IP is 192.168.0.10, the VPN server IP is 100.200.50.80, I assume the command would look something like: 

route add 100.200.50.80 mask 255.255.255.0 192.168.0.10

If this is correct is the mask the subnet of the VPN server IP or my local interface? Or would I need to set the interface IP to the IP assigned by the VPN server to the virtual adapter?

Grand Master

+BudMan MVC

Posted
  • MVC
Posted

your gateway would be your router.. Lets assume 192.168.0.1 ??

 

your above command would route traffic to yourself.. You need to tell you computer how to get to that network, which would be the IP of your router that has the internet connection.

 

So example if your machine is 192.168.0.10 and your router is 192.168.0.1, and you know what the mask of your vps is.. I doubt its a /24, most likely bigger but you since its a vps and most likely is IP never changes, I know mine never do you would want to use a /32 mask

 

route add 100.200.50.80 mask 255.255.255.255 192.168.0.1

 

You should not have to add the metric or interface to the command.  So this command tells your machine hey if you want to go to 100.200.50.80 send the traffic to 192.168.0.1 to get there.

 

you can then verify the route with route print.  This will allow your machine to create your vpn connection, but if wanted to go to say 8.8.8.8, it would not have a default gateway and would have no way to get there.  You need to make sure you don't set a default gateway on your pc, nor get one from dhcp..  Which most routers dhcp don't even let you alter so you would have to set static IP on your PC for this routing stuff to work.  Keep in mind, where are you pointing for dns?  Your router - then it would be able to look up stuff, but never be able to get there other than this 1 specific IP you setup a route for

This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • Here's what to expect from Samsung's July Unpacked event

      By Hamid Ganji · Posted

      Here's what to expect from Samsung's July Unpacked event by Hamid Ganji Samsung held its first Unpacked event of the year in January to unveil the Galaxy S25 series. However, the Korean OEM is also gearing up to hold its second 2025 Unpacked event sometime next month, focusing on its next-generation foldable phones and a new pair of Galaxy Watch wearables. Samsung might also give us a detailed look into the upcoming Project Moohan XR Headset and a rumored tri-folding smartphone that might launch later in the year or early 2026. One UI 8 is another topic Samsung might discuss at the event. Here's everything we expect Samsung to unveil at next month's Unpacked event. When the event kicks off To date, there have been conflicting rumors about when the Unpacked event will start. However, the latest hint comes from renowned tipster Evan Blass, who says the second 2025 Unpacked event begins on July 9, 10 AM EDT. Samsung has yet to confirm the alleged date, but it aligns with the company's unveiling of the Galaxy Z Fold 6 and Flip 6 on July 10 last year. New foldables are down the road Galaxy Z Fold 7 and Galaxy Z Flip 7 will take the stage at the upcoming Unpacked event. Both phones will offer upgrades compared to their predecessors, but the overall design is expected to remain relatively the same. Some sources have claimed Z Fold 7 would be Samsung's thinnest foldable ever, presumably 4.5mm thick when fully unfolded. Also, Z Fold 7 might get a bigger screen at 6.5 and 8.2-inch. Samsung might also switch to a 200MP camera in the lineup. Other rumored specs for Samsung's next-gen foldable include Snapdragon 8 Elite, a 4,400 mAh battery, and One UI 8 out of the box. Meanwhile, there are also some swirling rumors about a so-called Galaxy Z Flip 7 FE (Fan Edition) in the pipeline. The device could be a stripped-down version of Samsung's Galaxy Z Flip 7 with lower hardware specs and a cheaper price tag. A new pair of smartwatches Samsung will also reveal the Galaxy Watch 8 and a Classic variant at July's Unpacked event. As for design, we don't expect a radical makeover for the Galaxy Watch 8, but the Classic model could take most of its cues from Samsung's Galaxy Ultra watch models. Also, the Watch 8 Classic could bring back the rotating bezel on top. Both watches will come with One UI 8 Watch out of the box and Gemini AI to replace the Assistant. Gemini could help with health features and keep track of users' physical activities. Samsung was also rumored to be working on Blood glucose monitoring for next-gen smartwatches, and it might finally make its debut at the upcoming Unpacked event. More details about July's Unpacked event will surface in the days leading up to it. You can watch the live stream of the event through Samsung's website or the company's YouTube channel.
    • Here are some of the ways you can use Safari's new look on Apple iOS 26

      By Deranox · Posted

      Can't they just allow people to hide the status bar (battery etc.) when Safari is open and to hide the bottom bar completely when scrolling for a true full-screen experience ? Samsung does that on its Samsung Internet Browser and it's a very good experience.
    • Trend Micro Cleaner One Pro 6.8.0.333

      By Copernic · Posted

      Trend Micro Cleaner One Pro 6.8.0.333 by Razvan Serea Trend Micro Cleaner One Pro is an all-in-one disk cleaning and optimization software. Free up disk space by removing bloatware and junk files, and solve small issues before they become big problems. Cleaner One Pro scans your disks quickly and then displays the garbage files so you can decide which of them you want to be removed. Cleaner One Pro also provides some advanced features including start up manager, application manager and registry cleaner. Keep your PC clean and automatically tune it up for the best performance. Cleaner One Pro key features: Junk File Cleaner Quick scan to remove temporary files Erase leftover hidden files from deleted Apps Clear trash on external drives Large File Scanner Find large files on your disk and free up more storage Filter and manage files by size (from 10MB+), date, name and type Avoid accidental deletions: Lock to protect important large files. No escape for local files synced from Cloud drives Disk Map Analyze your storage in a visual and interactive map. Color-coded breakdown of every folder on your disk, with detailed information at one click. Easier to manually navigate and manage folders/files by size. Duplicate Files Customizable folder search range. Find and filter unused file copies in just a few seconds. Similar Photos Tidy up your albums and remove duplicate photos the easy way. Registry Cleaner Scan Windows Registry Automatically Finds errors & residual items in the registry and then cleans or defrags them Start up Manager Control, configure and review the programs and services that start with Windows Speed up boot time easily. App Manager Uninstall third-party apps and associated files in a breeze. View and manage Apps by name, size or date. Batch remove multiple unused Apps. Note: Cleaner One Pro 6.8.0.333 changelog is not yet available. Download: Cleaner One Pro 6.8.0.333 | 66.1 MB (Freeware, paid upgrade available) View: Home Page | Cleaner One Pro for Mac OS | Windows Store | Screenshot Get alerted to all of our Software updates on Twitter at @NeowinSoftware
    • Strange icon being displayed (rotating/spinning settings thingy) on iPhone

      By kiddingguy · Posted

      A friend of mine got this icon being displayed on his iPhone 8 [he's currently in Paris, France - so it might be a local/country icon?!] Do you guys & gals know what this means? I looked on Apple's site, but this icon isn't listed: https://support.apple.com/guide/iphone/learn-the-meaning-of-the-status-icons-iphef7bb57dc/ios
    • Politically funny images of the World

      By +thexfile · Posted

      Trump is a willing victim.

  • Recent Achievements

    • One Month Later
      serfegyed earned a badge
      One Month Later
    • Dedicated
      firey earned a badge
      Dedicated
    • Dedicated
      fettermanj earned a badge
      Dedicated
    • One Month Later
      SekTheFirst earned a badge
      One Month Later
    • First Post
      zayanhani earned a badge
      First Post

  • Popular Contributors

    1. 1
      +primortal
      638
    2. 2
      ATLien_0
      231
    3. 3
      Michael Scrip
      219
    4. 4
      Xenon
      145
    5. 5
      Steven P.
      141
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!