Enforce VPN connection to access the Internet

I'm using a VPN when I'm online on unencrypted Wi-Fi. Unfortunately, at my university the connection is quite unstable, and at every reconnect the VPN connection is terminated and I need to manually reconnect to it using NetworkManager, which obviously only works if I notice the reconnect. I enabled the option to automatically connect to the VPN in the NM options, but it seems to have no effect.

Is there a way to enforce an active VPN connection before any other application can access the network connection so I can be sure not to send private data over unencrypted connections?

Cheers, Pascal


You can use the Firestarter firewall tool to limit your outbound connections to the VPN host. It is very easy to configure, and you can toggle it on and off with a single button click.

To create such a setup, hit the Policy tab, choose Editing Outbound traffic policy, and select Restrictive by default, whitelist traffic. Then you right-click on the empty list below, and add the VPN host to the whitelist.

Firestarter policy editor
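The same restrictive-by-default outbound policy can be written as a plain iptables ruleset. The following is an added example, not part of the answer above or of Firestarter; the VPN server address `203.0.113.10`, port `1194/udp` and tunnel interface `tun0` are constructed sample values, and the function name is hypothetical.

```shell
#!/bin/sh
# Emit an iptables-restore ruleset whose OUTPUT policy is DROP and which
# whitelists only: loopback, the VPN tunnel interface, the VPN server itself,
# and DHCP (so the Wi-Fi link can re-obtain a lease after a reconnect).
# Assumptions (not from the page): IPv4 only; the VPN server is given as an
# IP address, so no DNS lookup is needed outside the tunnel.
vpn_killswitch_rules() {
    vpn_ip=$1
    vpn_port=$2
    proto=$3
    tun_if=${4:-tun0}

    # Refuse malformed input so a typo cannot yield a wider whitelist.
    printf '%s\n' "$vpn_ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 2
    case $vpn_port in ''|*[!0-9]*) return 2 ;; esac
    [ "$vpn_port" -ge 1 ] && [ "$vpn_port" -le 65535 ] || return 2
    case $proto in udp|tcp) ;; *) return 2 ;; esac
    case $tun_if in ''|*[!A-Za-z0-9_.-]*) return 2 ;; esac

    # When the tunnel drops, tun_if disappears and only the rule for the
    # VPN server still matches, so nothing else leaves the machine.
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT DROP [0:0]
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o $tun_if -j ACCEPT
-A OUTPUT -d $vpn_ip/32 -p $proto --dport $vpn_port -j ACCEPT
-A OUTPUT -p udp --sport 68 --dport 67 -j ACCEPT
COMMIT
EOF
}

# Print the ruleset when called with arguments, e.g.:
#   sh killswitch.sh 203.0.113.10 1194 udp tun0 | sudo iptables-restore
if [ "$#" -gt 0 ]; then
    vpn_killswitch_rules "$@"
fi
```

Loading the output with `iptables-restore` replaces the existing filter table, and IPv6 traffic is untouched by it, so an equivalent `ip6tables` policy is needed if the interface has IPv6 connectivity.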


Well, I don't know if there is a better way to do what you asked, but a crude way would be just to manually delete the default route for your Wi-Fi connection after you connect to the VPN. This way, when your VPN is disconnected, traffic will not be able to leave your system, as there will be no default route.