Thanks Ken. It seems to work, although I saw two blocked browsers loading webpages. After short time they couldn’t access the Internet. It seemed like firewall rules were inserted with some delay. I need more time to test, because VPN behaves like it does lose network connection from time to time.
But definitely it helped at least a bit. I saw earlier that permanently blocked applications could upload their files onto remote sites while VPN was active. Now those apps can’t connect.
we’ll see, thanks
Did you install GlassWire with its clean install option with the installer and its firewall reset option also checked?
For Firefox, does it use a separate installer like Chrome? If so it’s probably correct behavior. With Chrome it auto-updates with “Google Installer” for example.
Yes Ken, I did as you wrote earlier. Clean install and rules reset. Then I turned Firewall on and switched to “Ask to connect: mode. Microsoft Edge was explicitly blocked: two applications and Browser_Broker.” I did not allow any separate Firefox installer. I was able to browse Internet while blocked and VPN active, followed fresh links on webpages to not use local cache. It worked. Made fresh screenshot while opening info on privacy policy of Microsoft (who does read such pages? ). Glasswire FW shows Edge transferring data while blocked.
And, after switching VPN off, suddenly Edge couldn’t open any pages. Perhaps VPN has additional interface which has preference in rules enforcement. I don’t know. Probably you can try it with any software including OpenVPN under the hood.
When I switch Firewall to “block all” mode, there’s no access for browsers for sure.“Click to block” works like “ask to connect”. Blocked apps can connect anyway.
I can do additional reinstalls of Glasswire to confirm, but later
Quick update. I made new clean profile in Glasswire firewall, switched to “Ask to connect” and it even doesn’t ask for allowing new apps when VPN is active…
OK, asked finally, but after denying the app still can connect.
Uninstall GlassWire. Go to your “Windows Firewall” control panel and choose “restore defaults”.
Reboot.
Reinstall GlassWire with the firewall reset and clean install options both checked. Let me know if that solves it. If not let me know and I have another idea of what’s happening.
@Ken_GlassWire
Ok, I’m after work and returned to troubleshooting. Thank you for your engagement. I did following steps:
Uninstalled GlassWire
Restored defaults in my firewall
Rebooted
Installed GlassWire
Rebooted to be sure
Switched to “Ask to connect” mode
Tested explicitely blocked several apps. Every of these couldn’t access remote sites.
Enabled VPN connection through NordVPN app
Suddenly my blocked apps could connect to Internet sites
So nothing changed so far, but I went further.
10. I exported my firewall rules before and after connecting to VPN - nothing was different. Only one other thing changed: public profile became active. When I don’t use VPN, only private network profile was active. But those profiles have the same settings.
11. I got another idea: uninstalled NordVPN and installed pure OpenVPN app. After importing one NordVPN profile for OpenVPN I connected to their service.
12. Aaaaaaaand… GlassWire blocks every app which has “Block” setting turned on. So with pure OpenVPN access everything works smoothly.
Well. My reasoning is that NordVPN is messing somewhere in Windows setting. I cannot track it down, because I’m not too advanced Windows user/admin. One thing was interesting, that NordVPN app has the setting to drop any connections while VPN is not active and it works. But I don’t know what is then changed and where.
Maybe you are able to investigate it further, perhaps with NordVPN folks. You know Windows internals a lot better than me for sure.
For now I will stick with OpenVPN for a while, and probably will return to testing when I got some rest
Thank you again.
Besides, I learned at least a bit about Windows Defender Firewall.
I haven’t tried the open vpn route yet, or installed the firewall defaults etc. Will give it a go if necessary, but it didn’t seem like it had any positive result.
I also wonder if the change to the glasswire.conf (required, for me at least, to enable Nord to work at all) changing “hostname_enable_nslookup=true” to false has any influence.
Was just trying to add to the mix that it is not an isolated instance.
If you check the Windows Firewall control panel, do you see that those apps have added their own rules there? If so you can delete them.
The previous version of GlassWire would clear all firewall rules, then add its own. Due to user feedback GlassWire 2 does not change your current firewall rules you set up so if you had this app add its own rules before then those rules will still be present.
You can go to the Windows Firewall control panel and block those apps and then GlassWire can have more control over them.