Split tunneling using PBR

The pbr policy was configured using the following Scenario 2 guide. Currently, all traffic, including devices connected to the server, is through mullvad vpn.

Now we want to add a new policy that does not use vpn connections when accessing a specific domain or ip. The following policies have been added as tests, but they do not work, and duckduckgo.com still detects VPN servers.

config policy
         option interface 'wan'
         option dest_addr "duckduckgo.com"

Next is my policy option.

config policy
        option name 'Ignore Local Traffic'
        option dest_addr '192.168.99.0/24'
        option interface 'ignore'

config policy
        option dest_addr '0.0.0.0/0'
        option interface 'VPNC'
        option name 'mv connect'

config policy
        option interface 'wan'
        option dest_addr 'duckduckgo.com'

We changed the order of the policy, but it didn't work. I want to get a way or hint to solve this problem.

Thank you

I've solved it, just check the Masquerading option in the WAN firewall.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.