I have a service that I need only to access the Internet when the VPN is active, but it must also be able to communicate with a specific program on another PC on the local network. It would be best if this is done without interfering with the Internet connection of other programs on the PC (without having to manually create new authorization rules for each program).
The VPN uses a virtual network card to route the traffic and has a blocking switch that prevents the PC from accessing the Internet through the actual network card while the program is running. it's active. This works fine when the VPN is running, but opens a very large vulnerability. If the VPN hangs or is closed, the network traffic of my service is exposed. That's why I need an additional firewall rule.
I do not know if this is helpful, but for the sake of completeness, I will provide as much information as possible. The virtual adapter of my VPN uses a subnet mask "255.255.255.252", while my real adapter uses "255.255.255.0". The specific IPv4 used by the VPN virtual adapter changes whenever the VPN connection is interrupted or reset. Both computers involved have a static IP address on my local network. Both computers are running Windows 10. The port used by the programs to communicate over the local network is 9091, but I can modify it if necessary. Programs communicate perfectly whether the VPN program is active, inactive or not working at all.
Can Windows Firewall do this? If no, are there firewalls (preferably free)?