Windows - Block access when the client looses the connection

[highend]

Hi,

assuming that the openvpn user has local admin rights, is it possible to completely block all internet access when the openvpn client looses it's connection to the vpn server?

This could probably be done with two simple .bat files like:

.opvn config:
up "D:\\Users\\Highend\\scripts\\up.bat"
down "D:\\Users\\Highend\\scripts\\down.bat"

which contain the necessary firewall rules.

My problem is: How can I distinguish a manual (user initiated) disconnect from a --keepalive timeout disconnect?

Manual disconnect shouldn't trigger blocking access (the disconnect is for a reason but a connectivity loss because of a server failure / shutdown or anything else that isn't under user control should establish the blocking rules.

Any hints how I could accomplish that?

Tia,
highend

[janjust]

openvpn sets an environment variable 'signal' when calling the down script ; when a users stops openvpn you'd see something like

Code: Select all

signal=sigint

when openvpn shuts down due to a 'ping-restart' you will see

Code: Select all

signal=ping-restart

write your down.bat file to look for this signal and adjust the firewall/routing rules accordingly.

[highend]

Thanks a lot janjust,

Edit:
Ok, it's working flawlessly so far

Regards,
highend

[benzke]

Hello,

I would like to know how i can configure these settings. how do i have to do it?

can sombody help me?

thank you verry much!!!