Firmware 4.X Proxy Mode

first i want to say, you have great products that do a great job with very easy interface for vpn services and openwrt. fantastic, no need for searching supported routers and custom flashig stuff, and then no fighting the usually unintuitive settings and rules! and also your decision to support the new openwrt versions, even for the older models, very nice! great thanks for this!

still, i encountered maybe a problem with the new firmware and hope you can help.
i have several devices ar750 and ar300 and upgraded the firmware from the 3.x to the 4.x version.
in the 3.x version you could use “domains+ip” policy and “client” policy at the same time. so i could use vpn and whitelist some domains from it, that block vpn, and also whitelist some devices, like the ps4, that has trouble with vpn… it was possible at same time in the gui and that seemed to work fine…

but in the new 4.x firmware, it looks like you can only use the one Proxy Mode or the other, you can only select the one or other and only the selected is active… you can not combine the domain based and the client based settings… only one modus or the other works at same time?
is this correct behaviour?

is there a workaround?
i have lots domains to whitelist, and only few devices
some domains just block vpn all the time, or on some days… while some devices like the ps4 just use harmless apps that dont need vpn… now its quite a hassle

kind regards and thanks

1 Like

hi again

no one any ideas? would really appreciate input

currently im using the client policy to exempt the ps4 from vpn… because othewise ps4 wont work… this is the only device i would opt out of vpn because the content there is regulated and harmless

but because of this, the other clients have also to run(or not run) wholly on vpn, unnecessarily, since i cant customize it

i want every other device on vpn, but reality forces me to opt out some parts, limited bandwith of vpn provider and vpn blocking of some site or service providers is really troublesome

if someone watches harmles youtube, he spams the bandwith limited vpn with that traffic unnecessarily if youtube cant be except, legit netflix makes often trouble if it cant be excempt(even if you tweak the config, in few weeks its broken again) and causes also huge bandwith usage
if my vpn provider will get flagged by google for some reason, which happens sometimes, until they switch their ip to solve this, devices will be swarmed with robot captchas while using google
some sites block any vpn always anytime and i cant exempt/access them in this configuration

i think a customizable policy where domains exemptions but also clients exemptions at same time would really nice…

looks like i else would have to ditch the gl inet device policies and configure a whole custom rule set which is tricky, didnt want to enter that rabbit hole yet

thanks and cheers