BolehVPN, DefaultGatway Removal Please.

[Indingo]

Hey guys. I sent you a bunch of messages over the last (6) or so months and even let you TeamView into my computer to see the problem, I asked a month or two ago by private message for any updates and did not get any reply, so i guess I will just post here to grab your attention. I have waited long enough for you to implement a change that fixes this problem. I don't mean to out you or anything, just would like the problem looked into a little further.

I contacted you about a potential leak relating to CLASSIC-STUN and other protocols bypassing the Fully-Routed VPN servers. It would connect outside of the tunnel to the routers default gateway and this sent packets over a standard and peer to peer connection over a persons default internet connection from their modem/router bypassing the protection completely. Granted its a rare issue but it still happens so it needs to be addressed.

I have contacted you a few times about a simple solution being the removal of the default gateway in the adapter settings in windows during launch of BolehVPN client. You already change adapter settings when you have DNS leak fix enables but fail to remove the default gateway at this time. I understand why you do this, as it stops people from having a broken internet connection if suddenly they switch off their computer without properly disconnecting or other such occurrences happen.I know this is why you most likely leave default gateway enabled so you don't get as many support requests from said issue with the broken connection, but from a security standpoint its lacking. I have been running BolehVPN for (6+) months removing my own default gateway after the programs launch with no negative side effects, just an increased security without the leaking issue I mention.

I believe if you want to keep the default gateway for people who don't know what they are doing to avoid broken connections and support requests for said broken connections, I would like to ask maybe to include a tick box in settings for "remove default gateway" with a warning about broken connections so that those of us more security minded individuals have the option of removing the default gateway automatically if we so wish.

Anyway guys, thanks for reading my message and hopefully we can get this resolved for BolehVPN users. 

[Chris]

I've forwarded this to our network admin and he'll be replying shortly

[Indingo]

I've forwarded this to our network admin and he'll be replying shortly

Much appreciated Chris. 

[Reuben]

Actually most people use DHCP that I know for the home users and that's what the DNS script does (only works for DHCP users). We're integrating some better fix into our VPN client for this which is already being coded as I write this.

[Indingo]

Actually most people use DHCP that I know for the home users and that's what the DNS script does (only works for DHCP users). We're integrating some better fix into our VPN client for this which is already being coded as I write this.

I just checked and double checked to make sure, we are using DHCP here. DHCP is not the problem. Or at least we have DHCP enabled, so if you think the problem is relating to us having it disabled or a router without DHCP you are looking in the wrong place. DNS Leak Fix is broken for me if this is the case, and re-installation does not fix the problem. I have talked with PitBoss about this before and we came to the conclusion that during CLASSIC-STUN or other protocols that caused this issues use the router IP address assigned to this computer would communicate directly outside of the VPN tunnel.  I don't think DHCP is the fix your looking for, all you have to do is remove default-gateway. PitBoss saw himself in my machine that this works over TeamView. I also did some research and multiple other VPN companies are removing default-gateway deliberately to fix this exact problem in their services, which it does.