OpenVPN is a hole in the firewall. What to do?

C

cryptopotato2018-03-21 21:12:56

firewall

cryptopotato, 2018-03-21 21:12:56

I tried this experiment with Comodo Firewall and OpenVPN:
With the OpenVPN connection enabled, I completely blocked access to the network in the rights of Comodo applications and, as expected, Comodo did not interfere with the download of the torrent, since apparently all traffic went through the OpenVPN application. Immediately after the connection was broken, the speed began to drop rapidly and the download stopped (that is, the rule worked). I did the same experience with the browser - the same result. As a result, we get a way to block traffic leakage when the VPN connection is broken, but a huge security hole - with VPN turned on, any application can access the network bypassing firewall restrictions!
What to do?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

R

Robert Martirosyan, 2018-03-29
@RMtechtrend

Hello.
To understand what is happening, you need to understand how everything works, regardless of the type of firewall (firewall) and VPN. If on the fingers, then VPN is a tunnel ("pipe") that allows you to connect to some network, being "isolated" and protected from the "surrounding" network in the transmission medium. A network built with a VPN can have completely different parameters (IP addresses, etc.). Rules or restrictions in the underlying environment (network) may not be propagated to the VPN network. Imagine an isolated box in a room. Everything that you create and do in the room will not affect what is in the drawer. This requires additional rules in the firewall for the VPN network, if possible with the functionality of the firewall used.
When performing serious work, if rules are mainly used at the network level and not for applications on a PC, it is advisable to use not a software firewall (firewall), but a hardware one (for example, Mikrotik), with which you can also create VPN connections.