I am new to ExpressVPN, and I just realized that very time I reconnect to it, it changes the type of my network connection back to public every time. From private to public. This makes my firewall rules useless, as it's set up to allow only private-type connections. Does anyone know how to fix this? The only thing I know to do is to change the network type of every unidentified network to private, using secpol.msc, but I don't like using blanket rules like that.
change the network profile for your tap adapter. (settings - nw & internet - status - properties) but if i were you, i'd stick with the public nw.
Doing this only allows me to change the network type for my phyical adapter (wifi) not my tap adapter, and I want that to stay public so that any connection not through the vpn is denied.
It is set as public. My netword hardware adapter is set to public and the ExpressVPN tap adapter ideally would be set to private. That way anything not going through the private adapter is blocked. The problem is that the ExpressVPN adapter resets itself as public every time I reconnect, thus making my firewall useless because everything is blocked because there now is no private adapter.
the type of nw profile's nothing to do with what's blocked and what's not. it just determines whether your pc can be used for sharing.
But it does, if your firewall is set to deny the public type (versus private) as is my case. That's the entire problem your not understanding. vs
you're using a 3rd party tool to create ruleset for win fw. the type of nw does not matter. apply the same ruleset for the other profile by using your 3rd party tool and that's it.
That would make no sense. They both public and private would both have either allow or deny rules. Both profiles having the same rules defeats the purpose. Having only allowed access to the private type means that a network interface was specifically told to be private, not public (which everything defaults to).
@n8chavez On a side note, why did you switch from Mullvad to ExpressVPN? What's wrong with Mullvad? I'm asking because I'm currently using Mullvad myself (still testing it).
There's nothing at all wrong with mullvad. It's awesome. I like it's use of tied local proxies to the vpn (10.8.0.1 and 1.0.64.0.1). But it does not allow me to stream; hulu, netflix, Prime, disney+, and I'm looking for one that does. As far as I know mullvad does not allow for tunnel splitting.
then contact express' tech support dept. and post their reply here. they'll tell you the same. and the reason the tap adapter's assigned a private nw profile is because you're using split tunnelling. disable that and it will work as i stated in my prior posts.
I think you're confused. All taps are public unless made private. That's the case here. The tap is public by default, and I purposefully made it private. That's the problem; the tap not hanging on to the change I made for a reason. And, no, I am not using any split tunneling at all.
n8, you're the one who's confused here. i'm telling you for the last time. you're using a 3rd party tool to create and apply ruleset for your nw profile, you're trying to force the tap adapter to use private nw profile while it should be public. just use your 3rd party tool to apply the ruleset for the public profile too and it will be ok. as i said above, there's no other way. why don't you just contact express' tech dept. and post their reply here so we could see who's confused here?
I have. They able to help me change that exact tap/tun to the way I wanted, not flip every other block rule to private, and vice versa, to accommodate one annoying tap adaper. They said they would look into fixing the issue in a next version. But I did support chat, so I don't have a transcript. But thanks for not really listening to me, and assuming you were right; that ALL adapters need to be public. It was helpful. (Sarcasm). Having all adapters either public or private defeats the purpose of allow/block rules based on profile.