Bypass VPN for router apps - help please


I have MV1000 with firmware 4.3.6 snapshot. And I wish that traffic from router (for router’s apps) bypass the VPN connection.

In version 3.x, there was a switch “Don’t use vpn for router processes” (or somthing like that), witch did the job perfectly. However, how do I implement this on the new firmware? Can anyone navigate me what to do?

From VPN dashboard click “global options” and you will find it.

Unfortunately, for me this option only works for service. All others traffic goes through VPN, including DNS, ICMP, etc.

On 3.x, with this option, any traffic from router goes without VPN.

Dozens of trials later, I have a suspicion, that 4.3.6 has an issue with iptabels. That interferes with mwan3 work and other iptabels -mangle solutions.
(These suspicions are caused by the fact that every time I tried to see how the router forwards traffic, I got an error in iptables, that it contains legacy input. I couldn’t find a way to reinstall iptabels to fix it, because its package are not in the repositories.)

As a result, I had to go back to 3.2.6 firmware.