Yesterday my AX1800 got updated to the 4.x version of the firmware.
Instead of the internet kill switch, I have been recommended to use “Block non VPN traffic”.
In my network, which runs on the AX1800:
- I have a bunch of clients running on VPN (policy-based routing using client MAC address)
- The remaining clients are connected directly (non-VPN)
- The VPN clients access internet through VPN tunnel
- Non-VPN clients access the internet directly from the ISP modem
- The internet kill switch is to be applicable only to VPN clients, to block internet if VPN connectivity fails
Everything works well on 3.x firmware.
After upgrading to 4.x firmware, the following issues are faced:
- When “Block Non VPN traffic” is enabled, the non-VPN devices on my network (policy-based routing)
- If “Block non VPN traffic” is disabled, then the VPN clients get exposed outside in case the VPN fails.
Hence I would say “Block non VPN traffic” is not an alternative to the kill switch, and the previous firmware is far better.
Does anyone know how to fix my requirements?
I tried downgrading over the web user interface, but the 3.x firmware package verification fails.
I am totally disappointed with this crap firmware update.
“Block non VPN traffic” should only be applicable to devices on VPN or VLAN in a policy-based VPN configuration.
Thanks & Regards,