On my home network, I have three VLANs:
LAN
WAN
IOT
Recently, I stumbled upon a site that did not allow overseas login from US. So, I used a friend's VPN to complete my obligation.
Also, the current popular streamers have different content for different GEOs, and we are all now global folks and enjoy talking about episodes. Having a VPN will allow me access to content meant for the geography of the VPN location.
I am going to try out a publicly provided WireGuard VPN on my OpenWrt. My scheme is something like this:
SSID: Home (USA local lan)
SSID: IOT (US Local IOT VLAN with no access to local lan)
SSID: OVERSEAS (a VLAN connected to WireGuard service).
I also want to make sure that my streaming device is connected to the Internet through the VPN; otherwise it has no access to the Internet.
My question is, since I am using a VLAN, is it required that I use MAC level permissions, or by default will all clients connected to the OVERSEAS SSID (unique VLAN) lose internet connection if for any reason my WireGuard service were non-functional?
You'll set up the networks and the VPN, and then you'll use PBR to construct the rules for the routing that you desire (via the VPN or via the standard wan).
PBR and mwan3 are both available. They do similar things and leverage a lot of the same principles and you can presumably achieve the same goals with PBR as you could with mwan3. The difference is that mwan3 is optimized for multiple wan setups while PBR is designed to be a bit more flexible at the expense of being a little more complex (especially if you're just setting up basic multi-wan load balancing or failover modes).
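An added example, not from any post in this thread: one way to express the OVERSEAS scheme in OpenWrt config so the whole VLAN is bound to the tunnel, with no per-MAC rules. The network names `overseas` and `wg_overseas`, the zone names, and the subnet `192.168.30.0/24` are assumptions made for illustration.

```uci
# /etc/config/firewall (fragment) -- zone and network names are assumptions
config zone
	option name 'overseas'
	list network 'overseas'          # VLAN/bridge behind the OVERSEAS SSID
	option input 'REJECT'            # clients cannot reach the router itself
	option output 'ACCEPT'
	option forward 'REJECT'

config zone
	option name 'vpn'
	list network 'wg_overseas'       # the WireGuard interface
	option input 'REJECT'
	option output 'ACCEPT'
	option forward 'REJECT'
	option masq '1'                  # NAT clients behind the tunnel address
	option mtu_fix '1'

# The only forwarding out of 'overseas' is to 'vpn'. There is deliberately
# no "src overseas / dest wan" section, so if the tunnel is down and routing
# falls back to the default WAN route, the firewall drops the packets.
config forwarding
	option src 'overseas'
	option dest 'vpn'

# Clients still need DHCP from the router. DNS is not opened here: the
# clients are assumed to be given a resolver reachable through the tunnel.
config rule
	option name 'Overseas-DHCP'
	option src 'overseas'
	option proto 'udp'
	option dest_port '67'
	option target 'ACCEPT'

# /etc/config/pbr (fragment)
config pbr 'config'
	option enabled '1'
	option strict_enforcement '1'    # keep enforcing a policy when its interface is down

config policy
	option name 'overseas-via-wg'
	option src_addr '192.168.30.0/24'   # constructed subnet for the OVERSEAS VLAN
	option interface 'wg_overseas'
```

To check the behaviour, bring the WireGuard interface down and confirm that a client on the OVERSEAS SSID can no longer reach any Internet host.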