Jump to content
TorGuard
  • 0

Internet Kill Switch

Rate this question


Torguard VPN User 1337
 Share

Question

What's the most reliable way to implement an internet kill switch on VPN disconnection?

 

I assume its either on-disconnection script to disable net adapters, or have the VPN manage the net adapters.

 

What adapters need to be disabled? Is it the adapter that connects to the internet router or the TAP adapter or both?

 

Is there an up to date guide anywhere?

 

Thanks

Link to comment
Share on other sites

9 answers to this question

Recommended Posts

  • 0

Hi,

 

Thanks for reply.

 

My net setup includes a Hyper-v virtual adapter. The physical cabled adapter 'Ethernet' doesn't appear in the VPN client list of adapters. 

Which one/s should I select?

 

torguard.jpg

Link to comment
Share on other sites

  • 0

Hi,

 

I don't think Hyper-v works like that. Once you create an external network on the virtual switch it 'disables' access to the physical adapter and creates a virtual adapter on the host OS. In fact although you can see the Broadcom adapter in the Network Connections view, it doesn't appear in the ipconfig /all list. 

 

Now I'm wondering how I can share the VPN connection from the VM OS. At the moment the host is using VPN and the VM is using the ISP route. How does the VPN client know where to route internet traffic to? I guess I don't know much about how VPN, TAP adapters and VPN routing works.

 

Any help appreciated

 

clip_image004.png

Link to comment
Share on other sites

  • 0

The physical Broadcom adapter is not enumerated in the ipconfig /all and the Local Area Connection* 2 appears to be a Wi-Fi Direct Virtual Adapter that is disconnected anyway.

 

I've tried the killswitch feature for the Hyper-V virtual adapter and it appears to be unreliable. However just been messing around with the pre-connection and disconnection scripts and that appears to work ok. Disabling the virtual adapter kills all host OS internet comms.

 

I'm not sure about using the TAP adapter in the Hyper-V switch. That doesn't sound right. Is your advice based on a known working configuration?

 

Thanks

 

 

Wireless LAN adapter Local Area Connection* 2:

 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 16-70-12-E0-A9-2B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Link to comment
Share on other sites

  • 0

It's Windows-10 Pro, which has Hyper-V client built in. You need to add Hyper-V as a Windows Feature, but its part of Pro.

 

As previously mentioned, when you add a physical network adapter as an external network in the Virtual Switch it creates virtual adapters in both the Host OS and the Guest OS and removes the physical adapter from the Host OS list of adapters, although you still see it as a Windows device.

 

This is why I don't believe adding the TAP adapter to the Virtual Switch would work out well. Windows would remove it from the Host OS and the VPN client would not be able to find it.

 

Maybe someone has done this before. 

 

Thanks for your help.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...