Go Back   Computer Forums > General Computing > Networking | DNS
Click Here to Login
Join Computer forums Today


Reply
 
Thread Tools Search this Thread Display Modes
 
Old 03-02-2017, 04:18 PM   #1
Baseband Member
 
Join Date: Mar 2014
Location: Czech Republic
Posts: 63
Exclamation Windows firewall disable everything except OpenVPN

Hello,

my aim is to set Windows Firewall to block all traffic that do not go thru OpenVPN or ShadowSocks.

So i googled and found tutorial which i followed https://support.nvpn.net/Knowledgeba...ndows-firewall

Except that i have not set Win. Firewall to block all traffic by default just on "Private" and "Domain" network profile, but also on "public" profile as i have public set as default somehow. So all profiles should have in/out traffic blocked, except my custom rules for openvpn and shadowsocks apps which are allowed.

Second thing i did differently from that tutorial is that i removed all "Allow" kind of rules in both inbound/outbound firewall rules so it is sure indeed everything except openvpn is blocked.

Screenshots are here

After this in Microsoft Edge browser (set to no proxy, autodetect) i can not visit any website (good, but strange, while OpenVPN is running, Firefox set to openvpn works OK).

BUT the bigger issue is this: despite that Win. Firewall should block everything except openvpn and shadowsocks application's traffic, the "tracert 8.8.8.8" command done via command line finishes and i see my real public facing IP in the path (bad, it should be blocked, only openvpn traffic allowed). And when i enable my secondary firewall (Comodo) then traceroute is blocked as i set commodo to block exerything except openvpn.
So this is strange why Windows firewall do no block that traceroute. Any idea please?
__________________

__________________
postcd is offline   Reply With Quote
Old 03-03-2017, 06:35 PM   #2
Baseband Member
 
Join Date: Mar 2014
Location: Czech Republic
Posts: 63
Default Re: Windows firewall disable everything except OpenVPN

Here is iproute if anyone knows which rule to delete/modify and how: https://s20.postimg.org/jx7gcgkb1/iproute.gif
__________________

__________________
postcd is offline   Reply With Quote
Old 03-04-2017, 01:01 AM   #3
Fully Optimized
 
crazyman143's Avatar
 
Join Date: May 2004
Location: USA
Posts: 2,962
Default Re: Windows firewall disable everything except OpenVPN

I tried recreating what you've described, but when I change the default for outbound connections on my current profile, it does indeed block all traffic, and I cannot ping/traceroute out from my machine.

Are you sure there are no other allow rules still in effect? You might need to competely reset the firewall to defaults via the "Action" menu and then start over. Do you have any antivirus software that could be taking precendence over the Windows firewall?
__________________
crazyman143 is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off



All times are GMT -5. The time now is 10:18 AM.


Powered by vBulletin® Version 3.8.8 Beta 4
Copyright ©2000 - 2018, vBulletin Solutions, Inc.
Search Engine Friendly URLs by vBSEO 3.6.0