FW config examples for vpn connection

Certain sites do not like vpn connections like streaming services (youtube.com etc).

I am trying to configure the FW rules such that:

  • Specifically listed hosts (ex: youtube.com) are going thru WAN directly.
  • The default hosts go thru VPN.

If you have such rule examples, please let me know.

You need to do Policy Based Routing and you have a couple of options:

  1. mwan3 package
  2. pbr package
    If you wish to route based on the domain name, you'll need to use ipsets.
Thanks. Which package is easier to use?

It has to be based on FQDN (which usually are dynamically mapped to different ip addresses periodically).

I'd suggest PBR.