How do I ensure that an OpenVPN client is running so if the connection breaks there is no internet access?



  • I'm trying to setup server that uses a OpenVPN client. But I realized that just terminating a few services related to openvpn on the debian system "leaks" the IP.

    Say the server is going offline, my vpn subscription is being churned or some human mistake by my end. That will probably kill the connection and in turn expose my own IP to the service I'm connecting to.

    How can I ensure that if the OpenVPN client connection is failing, the internet is inaccessible?



  • I think there should be an option on the client settings to force all traffic through the tunnel. Maybe this will help:
    https://forum.netgate.com/topic/135500/force-lan-traffic-through-openvpn-tunnel

    Not sure if that stops Internet if the tunnel is down. Maybe you can try a firewall rule to block outbound traffic to the WAN and only allow traffic over the OpenVPN firewall rules.


Log in to reply