4.x firmware kill switch also kills domain-based exceptions

I used the policy mode based on the target IP or domain in firmware 4.x and noticed that the global option to block non-VPN traffic also blocks domain-based exceptions. I guess this is to be expected given that the kill switch is now called a global option but it is a change from the 3.x firmware where VPN policies like domain exceptions took precedence over the kill switch.

Is there a way to keep domain-based exceptions allowed in 4.x while preventing all non-excepted domains from being accessed without the VPN on such as when the VPN connection was dropped on the router?

Unfortunately I am not aware of any way to get this working, sorry :frowning: