Firmware 4.0 and Kill switch VPN

There is 4.0 docs VPN Dashboard - GL.iNet Docs

Update continuously.

@alzhao Sorry but how is this change logical? Let’s recap:

  • On 3.x: VPN kill switch does not affect devices excluded from the VPN using VPN Policy (and why would they; these devices are not meant for the VPN).
  • On 4.x "Block Non-VPN Traffic** option completely disables Internet access for devices excluded from VPN using VPN Policy, rendering VPN Policy and this new killswitch incompatible, in other words removing functionality from the devices.

If you guys don’t intend to revert this, can you please advise us how we can achieve the same thing? Perhaps we can manually configure a new zone to put these devices under that doesn’t forward via the VPN?


But you can just leave the kill switch alone. Vpn already has killswitch

Is this still in effect when the router is rebooted and it can’t connect to VPN?

Yes it is.

VPN enabled: You will not have Internet when VPN cannot connect, disconnect or break. Only if you disable vpn, it will have normal Internet.

Disable vpn traffic (Internet killswitch): You will have no Internet if you do not use vpn.

1 Like

Hi alzhao, can you confirm that the v4.x firmware will never have the Kill Switch functionality just like v3.0.

I do understand that v4.x has the “Block Non-VPN” which has higher priority than VPN Policy and if I exclude a client using VPN Policy and “Block Non-VPN” is on then I won’t have internet on this client.

I’ve been using a Flint for over an year and its working great. I connect three clients, 2 though vpn and one excluding vpn and Kill Switch work great - I lose internet on vpn clients when vpn is down and I still have internet on vpn excluding client.

I just bought a second Flint and a Mudi. If this v4.x behavior is here to stay, then unfortunately I’ll have to return these 2 new devices and will have to look into other vendors.

Also, how can I revert Flint firmware from v4.x to v3.x. Are there any docs I can follow?


This is really too bad. I want to have a kill switch that affects all traffic but Zoom (the latency just isn’t great). I could do it in v3, but not in v4. I’d suggest improving the UI/documentation like so, to make this clearer:

“All traffic will go through the VPN” in the VPN policy should really have an asterisk that says “IF the vpn is connected. If not, this will have no effect.”

And then “Block Non-VPN Traffic” should also have an asterisk that says “DESPITE the vpn policy you’ve chosen. This will override all VPN policies and rules.”

1 Like

Nice suggestions. Thanks very much!

which is it? will we ever be able to have kill switch and access lan?

I don’t get why you would remove this and not even add it as an option. “Because its more secure” well not even using an VPN is not secure and i’m allowed to do that.