I have read other GlassWire users’ topics about issues with NordVPN. Unfortunately, none of the ones that I read contained a solution for my current problem. The closest one I could find is this: Firewall blocking doesn’t work when VPN is active.
My issue is similar: Even though GlassWire’s firewall setting is “Ask To Connect”, all apps are allowed inbound and outbound access. The expected behavior of GlassWire (new connections blocked by default, and explicitly blocked apps are also denied connections) returns when NordVPN is disconnected. Essentially, NordVPN ON = GlassWire OFF / NordVPN OFF = GlassWire ON.
I contacted Nord support to see if they had any suggestions, and this is the exact response I received:
That happens because your application connections are not disallowed on our server. When initializing a VPN connection all the traffic is sent through our TAP adapter, which, in turn, opens up the ports required for connection to establish. If you wish to create rules for applications to work according to your needs, you would have to tamper with our TAP adapter exceptions list, unfortunately, we cannot guide you through that process.
The ports our service uses are as following:
443 - TCP (Gateway - 10.7.7.1)
1194 - UDP (Gateway - 10.8.8.1)
I also have PIA VPN, and I know that this redirecting of traffic through the TAP adapter while also ignoring firewall rules does not happen.
Since Nord is unwilling or unable to provide any assistance to correct the problem (modify their TAP adapter’s exceptions list), is there anything else I can do to make sure that GlassWire’s rules are enforced ahead of traffic going through the Nord TAP adapter?