SOLVED: VPN application blocked by security settings

Milan Stanojevic
by Milan Stanojevic
Deputy Editor
Loading Comments
Affiliate Disclosure

VPN connections can be blocked for several reasons such as geo-restrictions, network administrator settings, or even your security settings such as firewalls, antivirus and/or anti-spyware programs.

Usually, VPN clients require specific ports and protocols in order to function as they should, and these should be allowed for this to happen successfully.

You may contact your VPN vendor for a complete list of ports necessary for your VPN client, or you could create relevant exceptions in your security settings. If none of these help, try some of the solutions below and see what works.

FIX: VPN application blocked by security settings

  1. Disable your security software
  2. Add an exclusion
  3. Open ports
  4. Create a new inbound rule
  5. Change Allow app settings
  6. Turn off SSL monitoring
  7. Change Adapter Settings
  8. Enable rule for PPTP
  9. Reset your firewall or reinstall your VPN
  10. Change your VPN

1. Disable your security software

Try and disable your firewall, antivirus or anti-spyware program and see if your VPN connection unblocks. To do this:

  • Configure your firewall settings to allow your VPN
  • Change the security level depending on the program, and you can choose from High to Medium and grant an exception to your VPN, or set it to Trust your VPN. Check with the instructions for your own security software
  • If you can reinstall the program blocking your VPN, install it after your VPN is already installed as this will let it allow your VPN to connect. Do this by uninstalling your VPN and the security software that is blocking your VPN. Then install the VPN and the security program again

2. Add an exclusion

  • Go to Windows Defender Security Center
  • Under Virus & Threat protection settings, select Exclusions
  • Click Add or remove exclusions

add windows defender exclusion

  • Click Add an exclusion
  • Add your VPN client

Note: Usually, ports 500 and 4500 UDP are used by VPNs, while port 1723 is used for TCP. If you find these not working, add a new rule or exception to allow them in Windows Firewall Advanced Settings.

3. Open ports

To allow your VPN to pass through your security settings, open the following ports: IP Protocol=TCP, TCP Port number=1723, and IP Protocol=GRE (value 47). Ensure that these ports are allowed on Windows Firewall with the corresponding network profile.

Note: if you are running on the same server RRAS based NAT router functionality, Do Not configure RRAS static filters, because they are stateless and NAT translation requires a stateful edge firewall like ISA firewall.

4. Create a new inbound rule

  • Open Windows firewall and click inbound rules

  • Right click and select New rule

  • Click Custom rule

  • Specify the programs then specify ports (you can leave as all programs or all ports)
  • Click These IP addresses under remote IP
  • Click This IP address range
  • Type From to
  • Close and click Next, then leave as Allow the connection
  • Apply to all profiles, then give your profile a name and click Finish

5. Change Allow app settings

  • In the search bar, type Windows Defender Firewall, and select it from the search results
  • Click Allow an app or feature through Windows Firewall

  • Click Change Settings
  • Find your VPN from the list of programs/apps
  • Check Public or Private to select the network type to run your VPN on
  • Click Allow another app if your VPN isn’t on the list
  • Select your VPN
  • Click Add and then click OK

— RELATED: FIX: When VPN connects, Internet is disconnected

6. Turn off SSL monitoring

The instructions to do this depends on which VPN you are using. However, here are the steps you can take if you’re using NOD32 or Kaspersky:


  • Click Setup
  • Click Advanced Setup
  • Click Antivirus and antispyware
  • Click Web access protection
  • Click HTTP, HTTPS > HTTP scanner setup, and set HTTPS filtering mode to Do not use HTTPS protocol checking.

Note: If HTTPS filtering mode is greyed out, set Antivirus and antispyware > Protocol filtering > SSL to Always scan SSL protocol. Restore the previous setting after changing HTTPS filtering mode.


  • Click Settings
  • Click Traffic Monitoring panel
  • Click Port Settings or settings
  • Click Network
  • Click Port Settings and uncheck the box for port 443/SSL

7. Change Adapter Settings

  • Click Start and select Control Panel
  • Click Network & Internet

Surface Pro won't connect to WiFi Windows 10

  • Click Network and Sharing center

  • Click Change adapter settings

  • Click File
  • Select New incoming connection and click on the users you want to access your VPN
  • Check the Through the Internet box and click Next
  • Mark the Internet Protocols you want your VPN to connect to
  • Double click on Internet Protocol Version 4 (TCP/IPv4)
  • Open Control Panel again
  • Select Windows Firewall
  • Click Advanced Settings
  • Right click Inbound Rules and click New Rule

  • Choose Port and click Next. Click Next again after selecting the ports

  • Select Allow the connection and click Next
  • When asked ‘When does this rule apply?’ select all options (Domain, Private, Public) and apply the rule to all
  • Choose a name and description to fill the Name and Description and click Finish.

— RELATED: FIX: Windows 10 VPN error 789 connection failed due to security issues

8. Enable rule for PPTP

If your VPN requires PPTP, do this:

  • Click Start and select Control Panel
  • Select Windows Firewall

VPN blocked by windows firewall

  • Click Advanced Settings

  • Find ‘Routing and Remote Access‘under Inbound Rules and Outbound Rules


  • For Inbound Rules, Right-click ‘Routing and Remote Access (PPTP-In)’, select Enable Rule.

  • For Outbound Rules, Right-click ‘Routing and Remote Access (PPTP-Out)’, select Enable Rule.

9. Reset your firewall or reinstall your VPN

If the VPN application is blocked by security settings, you may need to reset your firewall, and if that doesn’t help, reinstall your VPN. If you’re using Norton firewall, reset it by clicking Settings > Firewall > General tab > Reset beside Firewall Reset then restart your computer and the firewall rules will be created again as you use your VPN or programs that access your network/internet.

10. Change your VPN

You can also change your VPN and see if it resolves the issue. One of the best VPNs you can use is CyberGhost. Its servers have optical fiber internet connections with high data speeds, making it very fast.

It also protects your privacy on a multi-platform privacy solution, and has the highest encryption available with 256-bit encryption technology, hiding of your IP, Wi-Fi protection if in a public area, a strict no logs policy, multiplatform apps for all your devices, security for transactions and conversations, ad blocking, and malware blocking.

Why choose CyberGhost?
cyberghost vpn for windows logo
  • 256-bit AES encryption
  • Over 5600 servers worldwide
  • Great price plans
  • Excellent support

Were you able to resolve the problem? Let us know in the comments section below.