Web Analytics

How to Use Comodo Firewall as the perfect ‘Kill Switch’ for your VPN

The very essence of a Virtual Private Network lies in its ability to provide greater security using an encrypted connection over a less secure, or open connection. When the foundational security infrastructure of a public internet network isn’t up to standard, users resort to VPNs for security. The ability to traverse restrictions imposed by online censorship and geo-location without compensating on personal identity is definitely an added benefit of securing your connection with a VPN.

But what happens if that connection fails while you’re AFK? Any existing data transfers will thus become open, and that is where the added benefit of a VPN killswitch comes in.

Killswitch Engage

How to Use the Comodo Firewall as the perfect ‘Kill Switch’ for your VPNNowadays, traffic is collected by the masses, and especially scrubbed when using BitTorrent clients. VPNs, despite their advanced security infrastructure, can expose your BitTorrent traffic if the sever drops your connection. When something like that happens, it becomes all the more difficult to hide one’s identity.

Thus, many VPN providers such Private Internet Access Network, have decided to include internet kill switch to their apps, ensuring all transfers be stopped immediately in case of a service interruption.

The Internet Kill Switch, if enabled, ensures that the anonymity of the IP address is maintained even when the connection of the VPN falters. In simple words, the kill switch instantly ‘kills’ the internet connection as and when it fails. It’s almost like a fuse that constantly monitors your internet connection to detect any change in the status of the IP Address. If it does detect any such alteration, it immediately detaches the computer from the VPN connection and waits for it to be re-established.

However, not all VPN services offer this capability, and the ones offered by VPN providers aren’t the only option. One can use a much more direct way to create a kill switch, and that’s through a firewall.

The built-in Windows Firewall can serve as an excellent kill-switch

Although Windows 7 allowed the hassle-free setting up of a kill switch using its inbuilt Firewall, Windows 8.x made things a little more difficult to handle. The Network and Sharing Center prohibits the changing of the Network Type from Home to Public, which could be obliterated by using PPTP and L2TP connections.

However, there is a better and smoother way of setting up a kill switch through a firewall. For that, you need top use the Comodo Firewall. Here are the steps:

Setting Up a Kill Switch With Comodo Firewall


Comodo Firewall is a free, stand-alone program, with a paid upgrade option. It provides a much better and capable firewall than the Windows’ default. In comparison to the Windows one, which looks at the incoming connections only, Comodo monitors both outgoing and incoming connections . Here’s what the official website has to tell you about this software:

“Comodo Firewall Pro introduces the next evolution in computer security: Default Deny Protection (DDP™). What is DDP? Most security programs maintain a list of known malware, and use that list to decide which applications and files shouldn’t access a PC. The problem here is obvious. What if the list of malware is missing some entries, or isn’t up to date?

DDP fixes this problem to ensure complete security. The firewall references a list of over two million known PC-friendly applications. If a file that is not on this safe-list knocks on your PC’s door, the Firewall immediately alerts you to the possibility of attacking malware. All this occurs before the malware infects your computer. It’s prevention-based security, the only way to keep PCs totally safe.”

Getting Started

You need to disable your Windows Firewall before running the Comodo Firewall. This will avoid unnecessary complications due to multiple Firewalls.

  1. Firstly determine you VPN’s physical address

It’s imperative to begin by firing up your VPN connection and noting the address that the adapter is using. Once the OpenVPN connection is up, open the Command Prompt in Windows by following this simple step: Start -> Type in ‘CMD’ -> Press ‘Enter’. Once the black box prompts up, run the ipconfig/all command.

Now, scroll through the output and search for the TAP-Win 32 section. Once you have done so, note the address mentioned under the heading ‘Physical Address’.

  1. After you are through with the previous step, you must Configure a Network Zone

By now, it is assumed that you have installed the Comodo Firewall after disabling the Windows Firewall.

Click on the icon to start Comodo and proceed to the ‘Advanced Settings’ button in the top left. Click on ‘Firewall’ and then ‘Network Zones’. You may want to add a new Network Zone and give it a name of your own. After having done that, press ‘OK’, select your new zone and then add a new address. Choose a type of AC address, and type in the Physical Address that you saw in the Command Prompt.

  1. Choose a Rule Set determining the services that you might want to disable in case your connection fails

Configuring a Rule Set with options like web browsers, emails, and FTP file transfers. Those important so that they aren’t tampered with if the connection goes down.

Give your Rule Set a name and click the ‘Add’ button. While creating a Rule Set, it is important to keep these parameters in check:

  • Action: Block
  • Protocol: IP
  • Direction: In or Out
  • Source Address: The Network Zone created by you
  • Destination Address: Any Address

You can create two other sets of rules with the following configurations:

  • Action: Allowother
  • Protocol: IP
  • Direction: Out
  • Source Address: Network zone / your zone
  • Destination Address: Any Address


  • Action: Allow
  • Protocol: IP
  • Direction: In
  • Source Address: Any Address
  • Destination Address: Network Zone / your newly created network zone (in our example VPN Zone)

You can also choose to create a new rule set with a different set of parameters, but what needs to be kept in mind is the order in which they appear because that is the order which will be applied to traffic. You can change the order as you wish, but be sure that you have set the ‘Deny all traffic’ rule as the last one.

  1. Now, apply the Rule Set to Services and Programs

Navigate to Firewall and select Application Rules. Then choose the application for which you want to forcibly use VPN, or ‘Add’ a fresh one. Then using any of the File Groups or Running Processes filter, ‘Browse to the program’s location. Select the ‘Use Ruleset’ button and press ‘OK’.

After having completed all the above-mentioned steps, do a test run to check whether everything is working well or not. You might need to reboot your PC or check if all the rules are in order, in case the run isn’t successful.


Comodo Firewall is a brilliant alternative to the Windows Firewall. It’s fresh, simple, easy, and most importantly, bypasses the obstacles posed by the Windows Firewall. It acts as a potent kill switch for Virtual Private Networks, meaning you don’t have to depend on VPN providers to do it for you.