Just received my Flint 2, and started poking around. Primary reason I bought it was the VPN functionality. I want to have 4 networks (main, iot, guest, work), and only some of them routed through VPN. With guest network created over the gl.inet admin panel, my routing works perfectly. My lan (main) accesses the internet without VPN and my guest accesses over vpn.
Now the issue comes. I created two more networks in the exact same way as they are created by the gl.inet admin panel but from the openwrt menu, as there is no option in the gl.inet admin panel to do something line that. firewall config, interface config, wireless config, all are perfect, I made the changes from terminal to make sure that there is no discreppancy. Zones and traffic rules as well.
But still, while most everything I can imagine is in place, my configuration is not working and my iot or work networks access the internet without VPN.
Worths mentioning that I installed 4.8 for the updated VPN dashboard and that on the Specified Connection Methods, the guest and iot/work methods have a different icon. See bellow:
According to your screenshot, if the specified connection methods is selected Guest, so only Guest WiFi will go to VPN, and the others interface/network (like iot or work) will not go to VPN.
But this was not the issue, I already tried selecting the other methods. Basically the issue is that for the new networks I manually created (including proper firewall rules, bridges, wireless networks, subnets, etc.), gl.inet admin panel and VPN policy menu does not recognise them. So when I initiate a wireguard (or openvpn) connection, it only adds the applicable firewally forwardings to WAN, LAN and Guest. For the rest I have to go to Luci and add them manually.
Also, for future explorers, when you remove a VPN policy completely, the forwarding will be also removed from the firewall rule, which means that the next time you want a new rule for the "custom" networks, you need to also manually edit the firewall rules.
While I really believe that creating more networks than LAN and Guest is a needed feature, I know that at this point it needs a lot of refactoring to make it work, but still I would like to suggest it to the gl.inet team.
