I use a PPTP VPN tunnel to connect to the internet. I want the connection to cut off if there is a problem with the VPN and it drops/disconnects so there is no way to access the Internet without a working VPN.

I use the yourprivatevpn.com client (can also use manual VPN setup thru windows)

Running Windows 7 x64

4 Answers4


This doesn't make sense.

The VPN connection is a tunnel inside your standard Internet connection, which allows you to access a remote network through the Internet. There can't be any VPN without a working Internet connection. For this reason, it's impossible for your Internet connection to need the VPN, because the exact opposite is true: it's the VPN which needs a working Internet connection before it can even be established.

Depending on your operating system (which one, BTW?), your Internet connectivity (dial-up? DSL? Cable? Do you even have a router?) and your VPN software, there might be some way to automatically drop the Internet connection (or disable your computer's NIC) if the VPN goes down; but you should keep in mind that having "a way to access the Internet without a working VPN" is a prerequisite for the VPN itself to come up. Any solution like this will very likely require manual intervention to go back to a working state.

  • 68,714
  • 56
  • 196
  • 319
  • I understand that you need a working Internet connection to establish a VPN tunnel, however, at the very least, I'd want to disable port 22, 23, and 80 if there is no functional VPN connection. Thru a firewall rule, or some other means. The client offers no support to perform this function (only redialing if the connection drops). –  Jul 11 '11 at 20:22
  • Then a script which monitors your VPN connection and changes your firewall configuration if it's down may be your only option. May ask what reason do you have for wanting this? – Massimo Jul 11 '11 at 20:36
  • I travel to countries with very draconian laws on what you can and cannot access online, so I dont want any hassle. –  Jul 11 '11 at 21:08
  • If you have some proxy at the other end of that VPN, you can configure your browser to use it; then, if the VPN (and thus the proxy) is not available, your browser will simply not be able to connect to anything. – Massimo Jul 11 '11 at 21:11
  • Web browsing is only a part of it. I wanted to block SMTP, FTP, and SFTP also. –  Jul 11 '11 at 21:17

You know, I think you could probably do this using Windows Firewall with Advanced Security. When not connected to the VPN you should have a LAN connection that should be a Home network (private profile) or a Domain network (domain profile). When connected to the VPN you should have another network connection that is a Public network (public profile). Windows Firewall with Advanced Security allows you to create different rules based on the network type (profile) that you're connected to. You could create outbound rules that disallow the appropriate traffic for the Home or Work network (LAN) but allow it for the Public network (VPN).

  • 108,377
  • 6
  • 80
  • 171
  • How is this facilitated in win 7 firewall? Ive been trying everything, and failing.... –  Jul 12 '11 at 05:15

Found solution here: http://www.purevpn.com/win7-firewall.php


There might be a "hack" way of doing this, the best way to set this up would be with an actual Firewall device like a Sonicwall or a Cisco PIX. You can setup the VPN tunnel through that device and restrict all traffic to go through the tunnel and not through anything else.

  • 4,524
  • 7
  • 32
  • 51