You don't (or shouldn't) need policy based routing to achieve what you want to do. There's nothing particularly fancy routing-wise about it and whatever VPN you end up using should add the required rules.
OK, it is better for me not to do anything, and watch the process
Ok so where do I start ?
OpenVPN should only be using TCP for two scenarios and two scenarios only:
- Troubleshooting
OR - If receiving high packet loss with UDP
Outside of those two scenarios, do not use TCP, as TCP cannot efficiently encapsulate itself.
- All OpenVPN packets are TCP encapsulated within UDP, unless TCP is chosen, which then forces TCP encapsulation within TCP and you will see a performance hit because it's vastly inefficient.
The firewall rules should always be tcpudp
, as it prevents having to change the rules when troubleshooting is required.