Setting up a VPN killswitch on an employee laptop to stop traffic going outside the tunnel.
A killswitch blocks all network traffic when the VPN is down. For remote-only profiles this makes sense. For hybrid employees it only works with a proper captive-portal exception, otherwise they cannot log in on hotel Wi-Fi.
Try this first
- 1Enable killswitch in the VPN client, or push Windows Firewall WFP rules via policy.
- 2Enable captive-portal detection in the client so hotel Wi-Fi login works.
- 3Allow local exceptions for printer and MFP, otherwise people cannot print at home.
- 4Test on someone who works mobile (4G + Wi-Fi + dock), they hit the edge cases first.
When to bring us in
Killswitch generates a ticket at every new location: combine with Always On VPN or move to ZTNA, otherwise you keep patching.
See also
- VPN will not connect or keeps droppingTwo main causes: your home internet or the VPN server. One quick test separates them.
- VPN connects but corporate folders are unreachableConnection says "green" but your network drives will not open. Almost always a DNS or routing issue.
- Home PC slow on VPN, fast at the officeThree suspects: home internet, VPN server limits, or routing that takes a long detour.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.