VPN opens unwanted ports

Dear Bitdefender Team / research team. I'm struggling to understand the best protection possible for my devices?! I wonder if I could get some professional enlightenment. So, I'm using an external router with a firewall dropping external requests to ports (not Netgear) and I'm using a Windows sandbox with VPN turned on (doesn't matter where). Well, it happens that if I run a port test (e.g. speedguide) with VPN on, despite being on a VPN public IP, the test shows vulnerable open ports. If, on the other hand, I shut down the VPN, my router firewall is port-protecting me, not allowing responses from ports to tests, although I'm on my ISP's public IP. So what concerns me most, and what I would like to ask, is:

1. How easy is it to break HOTSPOTSHIELD crypto and get into the ports, this after virtual IP location (of course)?

2. Is it safer to: have ports closed despite being on the ISP public IP; or have the ports open although using a virtual public IP bought by Bitdefender?

3. What's the point of bypassing ISP IP public surveillance over having vulnerable ports open by your premium VPN? 😒🚷