I use SmartDNS from ControlD ([/example.com/]https://test.controld.com/dns-query for example, in AdGuard Home) for some sites for geo-unblocking. The point is that ControlD returns its own IP addresses for such sites. And everything works fine until I turn on the VPN. When I turn on a VPN (ovpn or WireGuard), these sites stop opening. But if I add the ControlD IP addresses to the IP/domain list, everything starts working, but then all traffic goes through the VPN. What needs to be done to make everything work fine?
I have:
Brume 2 with all stable firmware,
VPN Policy Mode - Based on the target domain or IP,
Block Non-VPN Traffic - OFF,
Allow Access WAN - OFF,
Services From GL.iNet Use VPN - OFF,
Allow Remote Access LAN - OFF,
IP Masquerading - ON,
MTU - empty,
AdGuard Home - ON,
AdGuard Home feature to support seeing which client the request is coming from - ON
After any DNS encryption is used, the domain-based VPN policy is invalidated.
But I mean a VPN policy based on IP (not domain). Big ranges of IPs, /22-/15. If I add 206.253.88.0/22 to the VPN policy, then everything goes well, but through the VPN. If I delete 206.253.88.0/22 from the VPN policy, then I see in the logs that ControlD redirects some sites and I see a 206.253.. IP, but these sites do not open in the browser.
PS
Logs in the AGH