SOLVED: VPN application blocked by security settings

Milan Stanojevic
by Milan Stanojevic
Deputy Editor
0 Comments
Download PDF
Affiliate Disclosure

  • Having your VPN software blocked by your security settings implies that you won't be able to change your IP.
  • The first step to sorting this issue out is to try out the powerful PIA VPN. 
  • For more detailed step-by-step solutions, take some time to explore our extensive and practical VPN How-To Hub.
  • If you want to find out more about VPN software, you can visit our comprehensive Windows 10 Fix section.
VPN blocked by security settings

VPN connections can be blocked for several reasons such as geo-restrictions, network administrator settings, or even your security settings such as firewalls, antivirus, and/or anti-spyware programs.

Usually, VPN clients require specific ports and protocols in order to function as they should, and these should be allowed for this to happen successfully.

You may contact your VPN vendor for a complete list of ports necessary for your VPN client, or you could create relevant exceptions in your security settings. If none of this helps, try some of the solutions below and see what works.

What to do if security or firewall settings blocked VPN connection?

  1. Change your VPN
  2. Disable your security software
  3. Add an exclusion
  4. Open ports
  5. Create a new inbound rule
  6. Change Allow app settings
  7. Turn off SSL monitoring
  8. Change Adapter Settings
  9. Enable rule for PPTP
  10. Reset your firewall or reinstall your VPN

1. Change your VPN to Private Internet Access

Private Internet Access

If you find that your Security or Firewall settings might be blocking your VPN connection, the first thing that you should try is the magnificent PIA VPN.

Unlike other VPNs, the auto-configuration feature found in PIA makes it easier than ever to avoid conflict between software, thus eliminating the possibility of encountering this same issue.

PIA was created by Kape Technologies with speed and efficiency in mind, and the result speaks for itself.

What makes PIA stand out from the crowd even more, is the fact that the company doesn’t keep any logs of your app usage, and also allows you to buy your subscription using Bitcoin for total anonymity.

Here some of the key features found in PIA VPN:

  • Extremely fast setup process with auto-config abilities
  • Great stability with the company’s 3200+ server across the globe
  • Amazing proven results for a wide range of users
  • Wide range of possible network configurations
  • Powerful MACE feature that blocks ads, trackers and malicious websites
Private Internet Access

Private Internet Access

Use PIA to never be worried about network admins or security settings stopping your VPN service.
$2.85/mo. Buy it now!

2. Disable your security software

Try and disable your firewall, antivirus or anti-spyware program and see if your VPN connection unblocks. To do this:

  • Configure your firewall settings to allow your VPN
  • Change the security level depending on the program, and you can choose from High to Medium and grant an exception to your VPN, or set it to Trust your VPN. Check with the instructions for your own security software
  • If you can reinstall the program blocking your VPN, install it after your VPN is already installed as this will let it allow your VPN to connect. Do this by uninstalling your VPN and the security software that is blocking your VPN. Then install the VPN and the security program again.

3. Add an exclusion

  • Go to Windows Defender Security Center
  • Under Virus & Threat protection settings, select Exclusions
  • Click Add or remove exclusions

add windows defender exclusion

  • Click Add an exclusion
  • Add your VPN client

Note: Usually, ports 500 and 4500 UDP are used by VPNs, while port 1723 is used for TCP. If you find these not working, add a new rule or exception to allow them in Windows Firewall Advanced Settings.


4. Open ports

To allow your VPN to pass through your security settings, open the following ports: IP Protocol=TCP, TCP Port number=1723, and IP Protocol=GRE (value 47). Ensure that these ports are allowed on Windows Firewall with the corresponding network profile.

Note: if you are running on the same server RRAS based NAT router functionality, Do Not configure RRAS static filters, because they are stateless and NAT translation requires a stateful edge firewall like ISA firewall.


5. Create a new inbound rule

  • Open Windows firewall and click inbound rules

  • Right click and select New rule

  • Click Custom rule

  • Specify the programs then specify ports (you can leave as all programs or all ports)
  • Click These IP addresses under remote IP
  • Click This IP address range
  • Type From 10.8.0.1 to 10.8.0.254
  • Close and click Next, then leave as Allow the connection
  • Apply to all profiles, then give your profile a name and click Finish

6. Change Allow app settings

  • In the search bar, type Windows Defender Firewall, and select it from the search results
  • Click Allow an app or feature through Windows Firewall

  • Click Change Settings
  • Find your VPN from the list of programs/apps
  • Check Public or Private to select the network type to run your VPN on
  • Click Allow another app if your VPN isn’t on the list
  • Select your VPN
  • Click Add and then click OK

— RELATED: FIX: When VPN connects, Internet is disconnected


7. Turn off SSL monitoring

The instructions to do this depends on which VPN you are using. However, here are the steps you can take if you’re using NOD32 or Kaspersky:

NOD32:

  • Click Setup
  • Click Advanced Setup
  • Click Antivirus and antispyware
  • Click Web access protection
  • Click HTTP, HTTPS > HTTP scanner setup, and set HTTPS filtering mode to Do not use HTTPS protocol checking.

Note: If HTTPS filtering mode is greyed out, set Antivirus and antispyware > Protocol filtering > SSL to Always scan SSL protocol. Restore the previous setting after changing HTTPS filtering mode.

Kaspersky

  • Click Settings
  • Click Traffic Monitoring panel
  • Click Port Settings or settings
  • Click Network
  • Click Port Settings and uncheck the box for port 443/SSL

8. Change Adapter Settings

  • Click Start and select Control Panel
  • Click Network & Internet

Surface Pro won't connect to WiFi Windows 10

  • Click Network and Sharing center

  • Click Change adapter settings

  • Click File
  • Select New incoming connection and click on the users you want to access your VPN
  • Check the Through the Internet box and click Next
  • Mark the Internet Protocols you want your VPN to connect to
  • Double click on Internet Protocol Version 4 (TCP/IPv4)
  • Open Control Panel again
  • Select Windows Firewall
  • Click Advanced Settings
  • Right click Inbound Rules and click New Rule

  • Choose Port and click Next. Click Next again after selecting the ports

  • Select Allow the connection and click Next
  • When asked ‘When does this rule apply?’ select all options (Domain, Private, Public) and apply the rule to all
  • Choose a name and description to fill the Name and Description and click Finish.

— RELATED: FIX: Windows 10 VPN error 789 connection failed due to security issues


9. Enable rule for PPTP

If your VPN requires PPTP, do this:

  • Click Start and select Control Panel
  • Select Windows Firewall

VPN blocked by windows firewall

  • Click Advanced Settings

  • Find ‘Routing and Remote Access‘under Inbound Rules and Outbound Rules

 

  • For Inbound Rules, Right-click ‘Routing and Remote Access (PPTP-In)’, select Enable Rule.

  • For Outbound Rules, Right-click ‘Routing and Remote Access (PPTP-Out)’, select Enable Rule.


10. Reset your firewall or reinstall your VPN

If the VPN application is blocked by security settings, you may need to reset your firewall, and if that doesn’t help, reinstall your VPN.

If you’re using Norton firewall, reset it by clicking Settings > Firewall > General tab > Reset beside Firewall Reset then restart your computer and the firewall rules will be created again as you use your VPN or programs that access your network/internet.


Were you able to resolve the problem? Let us know in the comments section below.

FAQ: Learn more about using VPN

  • Why won’t my VPN connect?

The most common reason for your VPN software not connecting is either a problem with your internet connection or an antivirus or firewall software blocking access for the app.

  • How do I bypass Amazon VPN block?

The best way to resolve the Amazon VPN block is to use PIA VPN. This amazingly powerful app ensures that you can bypass any VPN block on Amazon, Netflix, Hulu, and more.

  • Is using a VPN for Netflix illegal?

No, using a VPN service for Netflix is not illegal in any way. The company doesn’t encourage the use of VPNs, but they are not against it either.

Editor’s Note: This post was originally published in June 2018 and has been revamped and updated in May 2020 for freshness, accuracy, and comprehensiveness.