To elaborate on Zoredache's answer, your problem can be solved by changing your routing configuration. I'll provide examples for Windows.
Collecting Information
Step 1: Description and Default Gateway
Firstly, you need to determine your local connection's Description and Default Gateway. Open up a command prompt (Start
-> Run...
-> cmd
) and then run ipconfig /all
. You will see output similar to the following:
Windows IP Configuration
...
Ethernet adapter Local Network Connection:
...
Description . . . . . . . . . . . : Intel(R) 123BBQ Network Connection
Physical Address. . . . . . . . . : 12-FE-34-DC-56-BA
...
IPv4 Address. . . . . . . . . . . : 11.22.33.44(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
...
Default Gateway . . . . . . . . . : 11.22.33.1
...
...
Note that if you are connecting to your ISP first, (Eg. via a PPPoE connection where you enter a username and password), you will need to look for something like PPP adapter <Connection Name>:
instead. In this example, the Description is Intel(R) 123BBQ Network Connection and the Default Gateway is 11.22.33.1.
Step 2: VPN End Point IP Address
Next, you need your VPN end point's IP address. You mention that you use a VPN service provider. If your VPN connects to a hostname (Eg. vpn1.serviceprovider.com), you can determine the IP address by running ping vpn1.serviceprovider.com
in the command prompt (nslookup
may also be used):
Pinging vpn1.serviceprovider.com [66.77.88.99] with 32 bytes of data:
Reply from 66.77.88.99: bytes=32 time=50ms TTL=55
...
In this example, the VPN end point IP is 66.77.88.99.
Step 3: Interface Number
Lastly, you need your local connection's interface number. Run route print x
(x is a bogus filter so you don't see much more than the interface list) in the command prompt:
===========================================================================
Interface List
...
11...12 fe 34 dc 56 ba ......Intel(R) 123BBQ Network Connection
1...........................Software Loopback Interface 1
...
===========================================================================
...
The interface number is the first number on the line, and you need to find the line that has the same description as in our first step. In this example, Intel(R) 123BBQ Network Connection has an interface number of 11.
Setting It All Up
Disabling Routing
Once you have all this information, and after you are connected to your VPN, run the following in the command prompt:
route add <VPN end point IP> mask 255.255.255.255 <Local connection's Default Gateway> metric 1 if <Local connection's interface number>
route delete 0.0.0.0 if <Local connection's interface number>
Eg: route add 66.77.88.99 mask 255.255.255.255 11.22.33.1 metric 1 if 11
Eg: route delete 0.0.0.0 if 11
This will remove the default route from your local connection, and replaces it with a single route directly to your VPN end point. Now, when your VPN connection drops, there is no route for traffic to reach the internet, so your IP address won't be exposed.
Re-enabling Routing
To restore your local connection's default route, you can run the following in the command prompt:
route add 0.0.0.0 mask 0.0.0.0 <Local connection's Default Gateway> metric 1 if <Local connection's interface number>
Eg: route add 0.0.0.0 mask 0.0.0.0 11.22.33.1 metric 1 if 11
You may need to do this in order to reconnect to the VPN if your VPN connects to a hostname, or if you simply want to stop using the VPN.
Saving Time
If your VPN end point IP address never changes (Your VPN service provider may be able to tell you whether this is the case), you can even save the completed commands to files ending in .bat
, (Eg. disablerouting.bat
and enablerouting.bat
). That way, double-clicking on the files will run the commands without you having to type them in every time.