Block non VPN traffic - Issues


Yesterday my AX1800 got updated to the 4.x version of the firmware.
Instead of the internet kill switch, I have been recommended to use “Block non VPN traffic”.

In my network, running on the AX1800:

  1. I have a bunch of clients running on VPN (policy based routing using client MAC address)
  2. Remaining clients connect directly (non-VPN)
  3. The VPN clients access the internet through the VPN tunnel
  4. Non-VPN clients access the internet directly from the ISP modem
  5. Internet kill switch to be applicable only for VPN clients, to block internet if VPN connectivity fails

Everything works well on the 3.x firmware.

After upgrading to the 4.x firmware, the following issues are faced:

  1. When “Block Non VPN traffic” is enabled, the NON VPN devices on my network (policy based routing)
  2. If “Block non VPN traffic” is disabled, then the VPN clients get exposed outside in case the VPN fails.

Hence I would say “Block non VPN traffic” is not an alternative to the kill switch, and the previous firmware is far better.

Does anyone know how to fix my requirements?

I tried downgrading over the web user interface, but the 3.x firmware package verification fails.

I am totally disappointed with this crap firmware update.

“Block non VPN traffic” should be applicable only to devices on VPN or VLAN in a policy based VPN configuration.

Thanks & Regards,

1 Like


I am having a similar issue: if I were to leave the house and come back, with this supposed-to-be kill switch it does not reconnect. I connect to the wifi but the router won’t give me a connection.

I then have to undo it, then re-enable the kill switch …

The kill switch should not block connections that have credentials to access the router …

This should not be the case, otherwise it is a leak.

You don’t need to block non-VPN traffic. The VPN clients shouldn’t be exposed outside in case the VPN fails. But if the VPN is disabled, all clients will be exposed to the normal internet, which is normal.