Control Linux Firewall

Internet Kill Switch

This feature automatically blocks general internet traffic on the endpoint when the VPN tunnel is abnormal or disconnected, preventing data/IP leaks.

  • Ensures forced VPN connection when used with the Always-On option of the ZTNA Connection Manager action.

For instructions on using the ZTNA Connection Manager, refer to the ZTNA-Client document.

Configuration Method

Assign the minimum policy required to connect to the VPN. When the Internet Kill Switch setting is On, all internet traffic is blocked and the firewall operates as a whitelist: only traffic permitted by the assigned policy is allowed.

  1. Go to Policy in the top menu.

  2. Go to Policy > Node Policy in the left policy menu.

  3. Click the Node Policy to which you want to apply the Internet Kill Switch.

  4. In the Node Action section, assign the Control Linux Firewall node action.

  5. Enable the Internet Kill Switch option.

When using ZTNA-Client, assign the minimum policy as follows.

| Direction | Remote IP | Local IP | Protocol |
|-----------|-----------|----------|----------|
| Outbound | All | ZTNA Gateway IP or Domain | TCP, Local Port: All, Remote Port: 1194 |
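
To confirm the behaviour after the policy is applied, the following check can be run on the endpoint with the VPN tunnel down. It is an added example, not part of the product or its documentation; the gateway name and the canary destinations are placeholders, and only TCP is probed.

```python
import socket

VPN_PORT = 1194  # remote TCP port from the minimum policy table


def tcp_reachable(host, port, timeout=3.0):
    """Return True only if a TCP handshake with host:port completes."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # timeout, reject, unreachable, or name resolution failure
        return False


def check_kill_switch(gateway, canaries, probe=tcp_reachable):
    """Check an endpoint while the VPN tunnel is down and the kill switch is On.

    gateway  -- ZTNA Gateway IP or domain; must still accept TCP 1194
    canaries -- (host, port) pairs on the general internet that are known to
                accept connections; every one of them must be blocked
    """
    gateway_ok = probe(gateway, VPN_PORT)
    leaks = [(host, port) for host, port in canaries if probe(host, port)]
    return {
        "gateway_reachable": gateway_ok,
        "leaks": leaks,
        "pass": gateway_ok and not leaks,
    }


if __name__ == "__main__":
    # Placeholder values (assumptions): substitute your gateway and canaries.
    result = check_kill_switch(
        "ztna-gateway.example.com",
        [("example.com", 443), ("example.org", 80)],
    )
    print("gateway reachable on TCP 1194:", result["gateway_reachable"])
    for host, port in result["leaks"]:
        print(f"LEAK: {host}:{port} reachable with the tunnel down")
    raise SystemExit(0 if result["pass"] else 1)
```

A non-zero exit status means either the gateway was not reachable on TCP 1194 or at least one canary destination accepted a connection.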