Future Consideration VPN Kill Switch
Future Consideration VPN Kill Switch
AX5400 Wi-Fi 6 Router
disable internet access to vpn client devices when openvpn client not connected to vpn server
I want to disable internet for devices in vpn-client device list as long as vpn client is not connected to a vpn server.
at the moment devices reach internet. I have setup OpenVPN client.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi, what's the point of a router with a VPN function if it doesn't have a killswitch?
It's like a mousetrap, you think you're safe but all it takes is nothing and you drown.
Too bad, I was enjoying recommending these routers to my customers, relatively cheap and easy to configure.
- Copy Link
- Report Inappropriate Content
Echoing the sentiment in this thread. It's been years of customers asking for this feature, a feature which doesn't require any additional hardware and could easily be pushed out as a patch to existing devices' configuration settings. Without this, using a VPN for privacy (aka every VPN service provider's main line of advertising) is effectively nullified. The moment a hiccup occurs on the network (or Omada's VPN client offering), your IP will be leaked, effectively making this whole thing pointless.
Again, this is a software solution. There is no excuse for a basic feature available on home routers to be absent from high-end business model controllers, especially when they are marketed as having VPN client support. At least add a disclaimer.
- Copy Link
- Report Inappropriate Content
The problem here is not a new feature. The real issue is that TP-Link does not want to solve a bug in their firmware. I implemented a kill switch can through routing policies and firewall rules. The real issue is a DNS leak that makes the local IP visible until the routing policies and firewall rules take effect 15 to 20 seconds after the VPN connection is lost.
Routing policies and firewall rules must block local internet access when the VPN connection is lost and not 15 to 20 seconds later. This is a bug that TP-Link is reluctant to fix without caring that this security issue must be corrected immediately. TP-Link advertises that these routers are ideal for client-to-site and site-to-site VPN connectivity, but with this security issue, I will not recommend using any model of this brand until this bug is fixed.
aerubik wrote
AX5400 Wi-Fi 6 Router
disable internet access to vpn client devices when openvpn client not connected to vpn server
I want to disable internet for devices in vpn-client device list as long as vpn client is not connected to a vpn server.
at the moment devices reach internet. I have setup OpenVPN client.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 5
Views: 1680
Replies: 13
Voters 5
