How to configure a VPN Killswitch in a Virtual Machine using bridged mode?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
-1
down vote

favorite












Setup:



  • Virtual Machine on VM Player 14

  • Virtual Machine is in bridged Mode (using the WLAN-Adapter of the physical computer)

  • Ubuntu 18.04 as guest-OS

  • IPVanish as VPN Provider

  • UFW as Firewall

So I configured the VM to be in bridged mode so I can connect to my vpn. The vpn is configured correctly and is working. The vpn uses tcp for its connection. The vpn is working.



What I've tried:
I tried to configure a kill switch using ufw, so when the vpn connection is lost on the interface tun0, there should be no traffic allowed on any other interface.



I've used the following commands trying to achive this (the vpn connection is setup before this commands):



sudo ufw default deny incoming
sudo ufw default deny outgoing
sudo ufw allow out on tun0 from any to any
sudo ufw enable


Problem:
If I run the above commands I my vpn has no connection anymore. I assume this has to do with the bridgedmode configured. I'm not sure if the traffic on tun0 is passed to my main interface (ens33) and not working because of this. In my opinion tun0 should also connect to the bridge directly, so I don't really get why it's not working.










share|improve this question



















  • 2




    Your tun0 needs an underlying interface in order to exchange VPN packets. From your rules I see you simply cut off all connectivity to a remote VPN server.
    – KWubbufetowicz
    Aug 31 at 12:01










  • I've tried to route the packets from tun0 through my bridged interface (ens33) but without any luck, could you please explain a bit more how I could achive this?
    – M. Peterson
    Sep 1 at 9:23






  • 1




    What I meant is you should add a rule allowing the in and out packets to your vpn server e.g. sudo ufw allow out on ens33 from <vpn server ip> to any. I assume your routing is just correct so I don't understand what are you trying to change here.
    – KWubbufetowicz
    Sep 2 at 21:22














up vote
-1
down vote

favorite












Setup:



  • Virtual Machine on VM Player 14

  • Virtual Machine is in bridged Mode (using the WLAN-Adapter of the physical computer)

  • Ubuntu 18.04 as guest-OS

  • IPVanish as VPN Provider

  • UFW as Firewall

So I configured the VM to be in bridged mode so I can connect to my vpn. The vpn is configured correctly and is working. The vpn uses tcp for its connection. The vpn is working.



What I've tried:
I tried to configure a kill switch using ufw, so when the vpn connection is lost on the interface tun0, there should be no traffic allowed on any other interface.



I've used the following commands trying to achive this (the vpn connection is setup before this commands):



sudo ufw default deny incoming
sudo ufw default deny outgoing
sudo ufw allow out on tun0 from any to any
sudo ufw enable


Problem:
If I run the above commands I my vpn has no connection anymore. I assume this has to do with the bridgedmode configured. I'm not sure if the traffic on tun0 is passed to my main interface (ens33) and not working because of this. In my opinion tun0 should also connect to the bridge directly, so I don't really get why it's not working.










share|improve this question



















  • 2




    Your tun0 needs an underlying interface in order to exchange VPN packets. From your rules I see you simply cut off all connectivity to a remote VPN server.
    – KWubbufetowicz
    Aug 31 at 12:01










  • I've tried to route the packets from tun0 through my bridged interface (ens33) but without any luck, could you please explain a bit more how I could achive this?
    – M. Peterson
    Sep 1 at 9:23






  • 1




    What I meant is you should add a rule allowing the in and out packets to your vpn server e.g. sudo ufw allow out on ens33 from <vpn server ip> to any. I assume your routing is just correct so I don't understand what are you trying to change here.
    – KWubbufetowicz
    Sep 2 at 21:22












up vote
-1
down vote

favorite









up vote
-1
down vote

favorite











Setup:



  • Virtual Machine on VM Player 14

  • Virtual Machine is in bridged Mode (using the WLAN-Adapter of the physical computer)

  • Ubuntu 18.04 as guest-OS

  • IPVanish as VPN Provider

  • UFW as Firewall

So I configured the VM to be in bridged mode so I can connect to my vpn. The vpn is configured correctly and is working. The vpn uses tcp for its connection. The vpn is working.



What I've tried:
I tried to configure a kill switch using ufw, so when the vpn connection is lost on the interface tun0, there should be no traffic allowed on any other interface.



I've used the following commands trying to achive this (the vpn connection is setup before this commands):



sudo ufw default deny incoming
sudo ufw default deny outgoing
sudo ufw allow out on tun0 from any to any
sudo ufw enable


Problem:
If I run the above commands I my vpn has no connection anymore. I assume this has to do with the bridgedmode configured. I'm not sure if the traffic on tun0 is passed to my main interface (ens33) and not working because of this. In my opinion tun0 should also connect to the bridge directly, so I don't really get why it's not working.










share|improve this question















Setup:



  • Virtual Machine on VM Player 14

  • Virtual Machine is in bridged Mode (using the WLAN-Adapter of the physical computer)

  • Ubuntu 18.04 as guest-OS

  • IPVanish as VPN Provider

  • UFW as Firewall

So I configured the VM to be in bridged mode so I can connect to my vpn. The vpn is configured correctly and is working. The vpn uses tcp for its connection. The vpn is working.



What I've tried:
I tried to configure a kill switch using ufw, so when the vpn connection is lost on the interface tun0, there should be no traffic allowed on any other interface.



I've used the following commands trying to achive this (the vpn connection is setup before this commands):



sudo ufw default deny incoming
sudo ufw default deny outgoing
sudo ufw allow out on tun0 from any to any
sudo ufw enable


Problem:
If I run the above commands I my vpn has no connection anymore. I assume this has to do with the bridgedmode configured. I'm not sure if the traffic on tun0 is passed to my main interface (ens33) and not working because of this. In my opinion tun0 should also connect to the bridge directly, so I don't really get why it's not working.







ubuntu firewall vpn bridge ufw






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Sep 9 at 20:43









Rui F Ribeiro

36.8k1272117




36.8k1272117










asked Aug 31 at 11:54









M. Peterson

11




11







  • 2




    Your tun0 needs an underlying interface in order to exchange VPN packets. From your rules I see you simply cut off all connectivity to a remote VPN server.
    – KWubbufetowicz
    Aug 31 at 12:01










  • I've tried to route the packets from tun0 through my bridged interface (ens33) but without any luck, could you please explain a bit more how I could achive this?
    – M. Peterson
    Sep 1 at 9:23






  • 1




    What I meant is you should add a rule allowing the in and out packets to your vpn server e.g. sudo ufw allow out on ens33 from <vpn server ip> to any. I assume your routing is just correct so I don't understand what are you trying to change here.
    – KWubbufetowicz
    Sep 2 at 21:22












  • 2




    Your tun0 needs an underlying interface in order to exchange VPN packets. From your rules I see you simply cut off all connectivity to a remote VPN server.
    – KWubbufetowicz
    Aug 31 at 12:01










  • I've tried to route the packets from tun0 through my bridged interface (ens33) but without any luck, could you please explain a bit more how I could achive this?
    – M. Peterson
    Sep 1 at 9:23






  • 1




    What I meant is you should add a rule allowing the in and out packets to your vpn server e.g. sudo ufw allow out on ens33 from <vpn server ip> to any. I assume your routing is just correct so I don't understand what are you trying to change here.
    – KWubbufetowicz
    Sep 2 at 21:22







2




2




Your tun0 needs an underlying interface in order to exchange VPN packets. From your rules I see you simply cut off all connectivity to a remote VPN server.
– KWubbufetowicz
Aug 31 at 12:01




Your tun0 needs an underlying interface in order to exchange VPN packets. From your rules I see you simply cut off all connectivity to a remote VPN server.
– KWubbufetowicz
Aug 31 at 12:01












I've tried to route the packets from tun0 through my bridged interface (ens33) but without any luck, could you please explain a bit more how I could achive this?
– M. Peterson
Sep 1 at 9:23




I've tried to route the packets from tun0 through my bridged interface (ens33) but without any luck, could you please explain a bit more how I could achive this?
– M. Peterson
Sep 1 at 9:23




1




1




What I meant is you should add a rule allowing the in and out packets to your vpn server e.g. sudo ufw allow out on ens33 from <vpn server ip> to any. I assume your routing is just correct so I don't understand what are you trying to change here.
– KWubbufetowicz
Sep 2 at 21:22




What I meant is you should add a rule allowing the in and out packets to your vpn server e.g. sudo ufw allow out on ens33 from <vpn server ip> to any. I assume your routing is just correct so I don't understand what are you trying to change here.
– KWubbufetowicz
Sep 2 at 21:22















active

oldest

votes











Your Answer







StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f466015%2fhow-to-configure-a-vpn-killswitch-in-a-virtual-machine-using-bridged-mode%23new-answer', 'question_page');

);

Post as a guest



































active

oldest

votes













active

oldest

votes









active

oldest

votes






active

oldest

votes















 

draft saved


draft discarded















































 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f466015%2fhow-to-configure-a-vpn-killswitch-in-a-virtual-machine-using-bridged-mode%23new-answer', 'question_page');

);

Post as a guest













































































Popular posts from this blog

How to check contact read email or not when send email to Individual?

Displaying single band from multi-band raster using QGIS

How many registers does an x86_64 CPU actually have?