
Windows firewall rule(s) to block a specific program from accessing the internet (but allow LAN) when not connected to VPN

I have a service that needs to be able to access the internet only when the VPN is active, but it also needs to be able to communicate with a specific program on another PC on the LAN. It would be preferable if this could be done without interfering with the internet connection of other programs on the PC (without having to manually create new allow rules for every program).

The VPN uses a virtual network adapter to route traffic, and has a killswitch that prevents the PC from accessing the internet through the real network adapter while the program is running, but has a setting that allows LAN traffic to be passed through even while the killswitch is active. This works great while the VPN is running, but opens up a pretty big vulnerability. If the VPN crashes or is closed then the network traffic of my service is exposed. This is why I need a supplemental firewall rule.

I don’t know if this is helpful, but for the sake of completeness I will provide as much info as possible. My VPN’s virtual adapter uses a “255.255.255.252” subnet mask, while my real adapter uses “255.255.255.0”. The specific IPv4 address used by the VPN virtual adapter changes every time the VPN connection is interrupted or reset. Both computers involved have a static IP on my local network. Both PCs are running Windows 10. The port the programs use to communicate over the LAN is 9091, but I can change that if necessary. The programs communicate perfectly whether the VPN program is active, inactive, or not running at all.

Can Windows firewall do this? If not, are there any (preferably free) firewalls that can?
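One way to express this with the built-in Windows Defender Firewall, as an added example that is not part of the original question. The key constraint is that a Windows Firewall block rule always wins over an allow rule, so the block rule itself has to be scoped so that it never matches LAN traffic: it is tied to the physical adapter by interface alias (so anything leaving through the VPN adapter is untouched, whatever IP that adapter currently has) and its remote-address set is written as explicit ranges that leave a hole for the LAN subnet, because there is no "not LocalSubnet" keyword. The program path (`C:\Program Files\MyService\service.exe`), the adapter aliases (`Ethernet`, `VPN`), and the LAN subnet (`192.168.1.0/24`) are assumptions for illustration; port 9091 is taken from the question. Run it from an elevated PowerShell session.

```powershell
# Added example, not from the original post.
# Assumed values: adjust to your setup (see Get-NetAdapter for the real aliases).
$Program         = 'C:\Program Files\MyService\service.exe'   # assumed path
$PhysicalAdapter = 'Ethernet'                                 # assumed alias of the real NIC
$VpnAdapter      = 'VPN'                                      # assumed alias of the VPN's virtual adapter
$LanSubnet       = '192.168.1.0/24'                           # assumed LAN subnet (mask 255.255.255.0)
$LanPort         = 9091                                       # from the question

# IPv4 ranges that cover everything EXCEPT the assumed LAN subnet 192.168.1.0/24.
# Windows Firewall has no "all addresses except X", so the hole is spelled out as two ranges.
$NonLanV4 = @('1.0.0.0-192.168.0.255', '192.168.2.0-223.255.255.255')

# Verify the adapter aliases exist before creating rules that reference them;
# a rule bound to a non-existent alias silently matches nothing.
foreach ($alias in @($PhysicalAdapter, $VpnAdapter)) {
    if (-not (Get-NetAdapter -Name $alias -ErrorAction SilentlyContinue)) {
        throw "No network adapter with alias '$alias'. Check Get-NetAdapter."
    }
}

# Make the script idempotent: drop any earlier copies of these rules.
Get-NetFirewallRule -DisplayName 'MyService:*' -ErrorAction SilentlyContinue | Remove-NetFirewallRule

# 1. Block non-LAN IPv4 traffic from the program that leaves through the physical NIC.
#    Traffic through the VPN adapter does not match (different interface), LAN traffic
#    does not match (destination falls in the hole between the two ranges).
New-NetFirewallRule -DisplayName 'MyService: block IPv4 internet via physical NIC' `
    -Direction Outbound -Action Block -Program $Program -Profile Any `
    -InterfaceAlias $PhysicalAdapter -RemoteAddress $NonLanV4

# 2. Same for IPv6, otherwise the program can leak over v6 when the VPN is down.
#    2000::/3 is global unicast; link-local (fe80::/10) and ULA (fc00::/7) stay reachable.
New-NetFirewallRule -DisplayName 'MyService: block IPv6 internet via physical NIC' `
    -Direction Outbound -Action Block -Program $Program -Profile Any `
    -InterfaceAlias $PhysicalAdapter -RemoteAddress '2000::/3'

# 3. Explicit allows. With the default outbound policy (Allow) these are redundant, but they
#    keep the program working if you later switch the profile's default outbound action to Block.
New-NetFirewallRule -DisplayName 'MyService: allow LAN peer on 9091' `
    -Direction Outbound -Action Allow -Program $Program -Profile Any `
    -Protocol TCP -RemotePort $LanPort -RemoteAddress $LanSubnet
New-NetFirewallRule -DisplayName 'MyService: allow everything via VPN adapter' `
    -Direction Outbound -Action Allow -Program $Program -Profile Any `
    -InterfaceAlias $VpnAdapter

# Show what was actually created, including the resolved address filters.
Get-NetFirewallRule -DisplayName 'MyService:*' |
    ForEach-Object {
        $addr = $_ | Get-NetFirewallAddressFilter
        $if   = $_ | Get-NetFirewallInterfaceFilter
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Action        = $_.Action
            InterfaceAlias = $if.InterfaceAlias
            RemoteAddress = ($addr.RemoteAddress -join ', ')
        }
    } | Format-Table -AutoSize
```

Two practical checks after applying it: confirm the VPN's virtual adapter keeps the same alias after it reconnects (`Get-NetAdapter` with the VPN up and down), since a VPN client that recreates its adapter under a new name would leave the block rule in place but break the VPN allow rule; and test the fail-closed behaviour by stopping the VPN client and verifying that the service can still reach the LAN peer on 9091 but nothing on the internet. Because the rules are interface-scoped, the VPN adapter's changing IPv4 address never needs to appear in them, and no other program on the PC is affected.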