Issue with Adding Google AI Studio to Specified Domain/IP List via VPN

BurnWire · November 29, 2025, 3:58pm

Hello!

Hardware: GL-BE9300
Firmware: 4.8.3

As my region is not supported by certain services, I use a VPN to access them. Normally, I can successfully connect to three services or websites without any issue.

Recently, I attempted to add the Google AI Studio web address to my connection list, but it did not work (please refer to the attached screenshot).

However, the connection works properly when using the WireGuard software.

Any suggestions on how to fix this? Could it be due to an incorrect format in the "Specified Domain / IP List," or another underlying cause?

xize11 · November 30, 2025, 4:17am

Google is tricky one, also other cloud based ones.

The problem is that under normal circumstances when you resolve a domain from the policy list it adds the ip addresses and put it in a ipset.

However when the routing rule is in work, it is not aware of the domain name it just follows what is in the list.

These sites often rotate the same ip addresses which then result into leaking behaviour.

The only misconfiguration you could make is that iptables automaticly wildcards the domain names to, so if you put google.com it does it for all sub domains aswell.

Also because it is google here, they might as well use other sophisticated tracking like fingerprinting, account data (happens to me lol).

BurnWire · November 30, 2025, 2:43pm

No choice but to be a good kid and go back to WireGuard software!

admon · November 30, 2025, 7:53pm

That's mostly the only option if you want to access/exclude special services. Client software is way better in handling this.