Different rules for different domains

Hello, I recently added an openconnect connection and configured the firewall to tunnel all router traffic through this connection like in the image below (gateway metric 10 for VPN and 20 for wan interface):

Now I want certain local websites (.ir domain) to bypass the VPN and connect directly through wan.
I hope that I'm describing this right and I would like to know if it is possible to do so or not?

Policy based routing can do this


Thanks for the info, I read about it and tried to use its LuCI ui. I didn't understand much of it but I made a new policy to route a specific domain directly through wan and it didn't work for me. The service is enabled and running and it tells me that my default gateway is my vpn interface.
Is the web ui buggy? Or am I doing something wrong?

probably the 2nd option, but we don't know, since you've provided zero details ...

Yeah, sorry about that. Here you can see that the service is running:

and here are my policies:

here I want to open github directly through wan. I tried all chains and nothing worked

Please help, I know it must be simple but I don't now why it's not working :frowning:

Cau you please post the output of

ubus call system board; 

For domains like github, you really must be using resolver set support for them to work reliably.

1 Like