
VPN Kill Switch for Windows XP?


FranceBB


Hi there!

I'm gonna be in Italy for the next month or so and I'm gonna be using random wifi networks as I travel with my laptop, that's why I'm gonna use a VPN.

I already have a contract with a VPN provider and it works fine as it has every protocol I want, from the most recent one to the very oldest one.

As a matter of fact, going out and about with a computer running Windows XP using random free public Wi-Fi hotspots of various train stations in late 2019 isn't exactly the safest thing in the world and even though Avast Premier is definitely gonna do its job, I wanted to make sure to be protected, which is why I'm using a VPN and I want it to be constantly connected.

On my laptop I have a triple boot with Fedora, Windows 10 and Windows XP thanks to GRUB which allowed me to chainload them all.

Anyway, long story short, on Fedora I set up UFW (the built-in Linux Firewall) to block all connections except for the IPs of the VPN servers I specified with the port I specified; this way, if the connection drops, all the traffic is gonna be blocked as well. I tested it and it works like a charm.

On Windows 10, I have the official client of my VPN Provider which also has an internet kill switch option, which works fine. Anyway, I don't really use Win10 for anything but work-related stuff as I like to keep it clean and with only work-related things 'cause I hate it and I don't wanna use it as my daily OS.

On Windows XP... Well... there's no client as it doesn't support XP (of course), so I set up the connection using the built-in XP connection manager and I managed to connect to the VPN with an extremely vintage Dial-up-like window. Even though PPTP is very old and it's deprecated, I decided to connect to the VPN server using that protocol as I didn't manage to get L2TP working. Anyway, that's not a big deal; I mean, I'm not dealing with military-grade secrets here... (or am I? :P hahaha).

Anyway, I disabled the idle time disconnection with this command: net config server /autodisconnect:-1, I clicked on "redial" in order to re-connect if the connection drops and I set the amount of seconds between each retry to 1 sec and the number of retries to 9999999. (By the way, it's funny how it says "redial" instead of "reconnect" as the window was originally created with telephone numbers in mind back when dial-up was still a thing).

I tried to simulate a few internet drops and it works, I mean, it does reconnect as quickly as it can, but my question is: is this enough? I mean, is there a way to make sure that I'm not gonna leak anything? Like making an internet kill switch like the one I made on Fedora that blocks all but the selected IP addresses and ports? It seems that the default Windows firewall is not up to the task, nor is the Avast Premier Firewall, so... is there something I can do?

This is what my connection looks like right now:

pmMNO8v.png

 

Any idea?

Thank you in advance,

Frank



You can give Comodo Firewall a try. I never did anything as complex as what you posted here, but it has plenty of options, so you should be able to make it work.

The latest version I managed to get working with XP is 5.13. 6.x and upwards, despite being officially supported, caused my system to crash when some settings were enabled.


  • 2 weeks later...

If you delete your default gateway from your regular (non-vpn) connection that should act as a killswitch.  I've used this before while using OpenVPN.  I have a script 'disable.cmd' which is basically just this line:

route delete 0.0.0.0 192.168.254.254

Where the 2nd IP address is just the address of your gateway/router.


On 9/2/2019 at 5:31 PM, mjdbb1 said:

If you delete your default gateway from your regular (non-vpn) connection that should act as a killswitch.  I've used this before while using OpenVPN.  I have a script 'disable.cmd' which is basically just this line:

route delete 0.0.0.0 192.168.254.254

Where the 2nd IP address is just the address of your gateway/router.

Good idea; I can make it execute the command whenever my VPN connection drops.

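Added example, not part of any post above: a batch file that applies the route-deletion idea from this thread while the VPN is still up rather than after it drops, so there is no window in which traffic follows the router's default route. The gateway is the example address from the post above, the VPN server address is a placeholder, and the script assumes the VPN connection is set to use the default gateway on the remote network.

```bat
@echo off
setlocal

rem Physical gateway/router address (the example address from the post above).
rem It is only valid for the current network; change it on every new hotspot.
set GW=192.168.254.254

rem VPN server address: placeholder from a documentation range, replace it.
set VPN_SERVER=203.0.113.10

:loop
rem Keep a host route to the VPN server through the router, so that redial
rem can still reach the server once the default route is gone.
rem Output is hidden because the add fails harmlessly if the route exists.
route add %VPN_SERVER% mask 255.255.255.255 %GW% >nul 2>&1

rem Remove only the default route that points at the router. A default route
rem installed by the VPN connection uses a different gateway and is untouched.
route delete 0.0.0.0 mask 0.0.0.0 %GW% >nul 2>&1

rem Verify: warn if the routing table still lists 0.0.0.0/0 via the router.
route print | findstr /R /C:"^ *0\.0\.0\.0  *0\.0\.0\.0  *%GW% " >nul
if not errorlevel 1 echo WARNING: default route via %GW% is still present

rem Wait about 5 seconds (XP has no timeout command), then repeat, because
rem rejoining a network installs a fresh default route via the router.
ping -n 6 127.0.0.1 >nul
goto loop
```

With the router's default route removed, a dropped tunnel leaves only the local subnet and the VPN server reachable. The VPN entry should point at the server's IP address rather than a hostname if the DNS server is not on the local subnet.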
