Messing DNS and huge conflict with NordVPN


I am testing various causes right now. I am not convinced it is DNS. I just uninstalled it and was still unable to connect my VPN. I have been using Ask to Connect and when I looked in Windows Firewall after the GW was uninstalled the firewall was still set to block outbound connections. I am digging into the firewall as my suspect. So to contradict my previous post, I do think it is the firewall. If you guys didn’t activate then you weren’t using Ask to Connect. IDK if @paddy did or not?


I am activated but I don’t use Ask to Connect. So it makes sense that I couldn’t reproduce the issue if it is a firewall issue and not a DNS issue. I had wondered if it is the act of activating that is producing the issue


Confirmed: Win Firewall does not set block egress until reboot. Getting closer.


Okay. I fixed this issue for me and probably for @paddy.

Glasswire appears to be missing something about the NordVPN.exe client. At first I assumed it was the openvpn.exe that is packaged with Nord. In Windows Firewall I allowed outbound traffic from the NordVPN.exe located in Program Files and it began working. It is not the openvpn portion of the application so I don’t know why I was having trouble with OpenVPN and windows PPTP before? I assume the same setting that was breaking Nord after GW was uninstalled was the same thing breaking OpenVPN and Windows before. I did try OpenVPN and WIndows only after the Nord app quit working.

I hope that helps you @paddy. @Ken_GlassWire get at me if you want to look at this as a potential issue that needs resolved. I’d be happy to try and track down whats being blocked/missed by GW and Win Firewall if you intend to correct it. Sounds like GW isn’t properly allowing this app even though it did Ask and I did Allow, and it shows in GW as unblocked.

I’m glad someone else @paddy posted this or I may have taken longer to look at GW as the offender. A+ for teamwork :blush:


I am glad @thevectorinspector has the same problem and I expect most of all users of NordVPN has the same problem on the other hand it is still not solved problem for me.

@thevectorinspector Could you please post more detailed description about your solution, please. I tried to follow your steps and allowed outbound traffic (public and private networks) to NordVPN or even to nordvpn-service with the beta app without any success. Is your connection via NordVPN stable for longer use. With installed GW I am able sometimes to use NordVPN for about 1 min, so try to stay connected for longer period, 10 min and try to browse again and please post more details.

I think there is no problem with firewall as I am able to use Spotify or other services which are not based on http protocol without any problems.

@Remah I am new to register processor and I am unable to track the details you posted. I downloaded process monitor but I do not know what exactly to filter, as you are testing NordVPN could you please post step by step the procedure to be able to get results from the process monitor? Thanks.

I’d like to state I am not using any warez or have computers injected by malware etc. Please guys focus on the real problems, not the ghost ones.


We have been able to get a NordVPN trial and we are trying to recreate this problem on our end. Thanks for all your detailed reports.


I can give assistance with some examples but easy registry auditing and process monitoring requires a narrow focus otherwise there is far too much information to check. Monitoring all changes creates far too much data to be reviewed. That’s why monitoring DNS changes is very suitable because there should be few events logged. But according to @thevectorinspector the problem is not with the DNS configuration changing. If that is correct then what is changing?


@paddy. In Windows Firewall (mine is Advanced Security on domain) open the OUTBOUND RULES. Create a new rule. Make it a program rule. The program you will select to allow is Program Files\NordVPN\NordVPN.exe. Select that app and select “Allow this connection”. If it asks for the protocol, use the protocol of the tunnels you are using ie. TCP or UDP. Save your rule. Try connecting again. If you are able to connect to the tunnel it should now work. If you are unable to connect to the tunnel create the same rule in INBOUND RULES. I hope that helps some.

Note: If you are unsure what protocol your vpn uses make a rule for each. (Default is UDP)


Today we spent a lot of time working on this problem and we were unable to produce it. Here is what we tried below.

  1. Switch off GlassWire firewall;

  2. Uninstall GlassWire (just to make sure that it will not affect anything);

  3. Go to the Windows Firewall Advanced settings (Control Panel\System and Security\Windows Firewall);

  4. Select Action\Restore Default Policy at the main menu of the Advanced settings window;

  5. Install or start Nordvpn;

  6. Make a clean installation of GlassWire.

We tried to reproduce the issue in this way:

  1. NordVPN is installed but not connected;

  2. Windows Firewall policy is restored to default settings;

  3. I have done a clean installation of GlassWire and activated it;

  4. GlassWire firewall mode is switched to Ask to connect mode;

  5. When I tried to connect NordVpn I received two ask to connect notifications. One for OpenVpn Daemon of the NordVPN (c:\program files\nordvpn\bin\openvpn.exe) and another one for NordVPN client (c:\program files\nordvpn\nordvpn client.exe). I have allowed both of them;

  6. After that I clicked “Disconnect” button of NordVPN and tried to connect it again;

  7. It works fine for us.

What should we try now? Please try uninstalling GlassWire, rebooting, then resetting your Windows Firewall to its defaults, then reinstall GlassWire with its “clean” option and see if you still have this problem.


Did you reboot after installing GW?


Yes. We rebooted after installing GlassWire.


Well the only other factor I can come up with is other security products. I use Avast Pro but it doesn’t have any firewall functionality. If you need any other details I’d be happy to provide them. But as I said this happened two times on two different OS so unless paddy and I are (un)lucky, it should be replicable. I have done your reinstall shenanigans several times several ways and the only fix I have had, even after uninstalling GW, was to create a firewall exception in windows. Let me reitterate that, my vpns would still not function after the uninstall of GW. I have not reset my firewall defaults on Windows 10 but did on 7, so I will try that again before I say it’s bunk.


I will ask the dev team if they have some more ideas of things to try. Sorry for the problem!


It has nothing to do with Glasswire as some VPN services there App don’t work correctly and had to dump a few because they just didn’t work, and I tried many and in the end I went with SlickVPN and it works well on Windows 10 Pro x64 and no issues with Glasswire what so ever also you may want to change your VPN service as most leak and look here for more info:





Speaking of VPN leaks… we recently wrote this Blog post about VPN leaks


Yes but not all VPN services are secure and the reason I posted a link to an Expert who did test some of them.





Yes, the website you posted is very useful. Thank you for sharing it.


OpenVPN is a bad app? I think you are a little confused as to what was being discussed. I could care less if I have a leak, that’s a separate issue, The simple fact that GlassWire shows the app is allowed but it requires explicit firewall rules just tells me my firewall management utility (GlassWire) isn’t doing what I paid for. Changing my VPN that works fine to satisfy GlassWire is not a very good solution. Could it be an incompatibility with that app, sure. But whatever caused it to break ruined all other vpn options such as PPTP and OpenVPN client. My firewall is the problem, and it’s being controlled by GlassWire.

@Ken_GlassWire Don’t stress about finding other potential causes. The fact is, despite your inability to reproduce the issue, I solved it in my environment. If @paddy is still messed up worry about him, but I am right as rain now.


I can confirm the solution by @thevectorinspector is working but I still have problems with some servers as I am not able to browse and have the same problem as at the beggining. Still I am testing this issue on 2 machines, both Win10, one with no Glasswire at all + antivir and firewall. There is everything ok. But the second machine with Glasswire, without antivir or extra firewall I am having troubles even set the rules like @thevectorinspector wrote but 90% working, so thank you for that solution. Still If I choose for example Switzerland server and connect both machines the one without Glasswire works ok the second one doesn’t work.

I will try the solution posted by @Ken_GlassWire and if it still does not help I am prepared to do fresh install of Win10.

I am not using any extra apps but I remember I lately tried some app to kill “spy” functions of Win10 there is maybe a possibility it somehow affected some process which also use Glasswire and somehow it does this problem. But it is a ghost problem.


The issue for me appears to be related to GlassWire not allowing outbound traffic. This must be a result of the Ask To Connect mode. I just installed a new game, RUST. Glasswire asked me to allow all the executables that it uses as it was starting, I did. And once in the game the servers list would not populate. I added an outbound firewall exception for RUST and it works again. This all started for me once I started using Ask To Connect (the main reason I bought GlassWire). So I have another example of this issue. This hasn’t happened with other software yet. Usually GW asks me to allow access and then I may need to restart the application as if the firewall rule was applied after connectivity had failed. Some apps will connect once reloaded. RUST wouldn’t, NordVPN wouldn’t. I think these Ask To Connect rules are not being applied how you intend. I will continue to add other apps to this list as I find them. Obviously at this point the issue has nothing to do with DNS, so if a new thread is needed let me know.