Let's say there is an application, analysis_data_upload.exe, that must only be run when a machine is connected to one specific VPN with a dynamic IP that is resolved via a static domain name. Given a laptop with several remote VPN connections configured, how do I create a Windows Firewall rule that will only allow this application through one specific connection?
From what I know, it is possible to create a rule that applies to remote connections only, and it's possible to limit it by the IP (via the Scope panel), but the IP is dynamic and coming from an unknown IP range. Secondly, I am not sure how to create a rule that will block all other incoming/outgoing connections except this one. Having a rule that blocks all connections is not an option, because Windows Firewall evaluates blocking rules before allowing rules, and when the matching rule is found the rest are ignored.
On an unrelated note, I use Cisco AnyConnect for some other VPNs - does it also create a remote connection? Do I need to add a blocking rule for these VPNs separately?