Hello,
I put a URL in the domains tab of the VPN (VPN Policy Based On The Target Domain Or IP). Only the domains or IPs I have entered are going through the VPN, but all the other domains and IPs linked to the main domain are not going through. This causes some sites that are blocked by my ISP to be broken, since the other domains linked to it are getting blocked by my ISP.
Is there any way I can make all the addresses linked to a domain go through my VPN?
Good point, an alternative option would be something like Asus Fusion, where you can run multiple VPNs and set what devices use which. Since I only want my TV to use the VPN and nothing else, any idea if that's something GL.iNet is working on?
Hmm, unfortunately I don't have the GL UI in front of me.
But I thought VPN policies would do that, and I believe you also had an option like a domain whitelist instead of a domain policy to WAN.
Now the only question is if it works. I think on the MTK firmware it is all iptables, so there it auto-wildcards domains through dnsmasq; this will work only if clients use the router as DNS IP.
On the op24 variant I'm gonna say 'maybe'. The issue is OpenWrt themselves migrated from firewall3 to firewall4 and deprecated iptables in favor of nftables, I think also due to Linux. They did add some ways so that iptables can be used in the form of an interpreter/translation proxy, but on very recent versions they are starting to ditch iptables fully (this is not on op24 versions yet). But I also cannot confirm if either wildcarding works or if the script even works; it's kinda in the middle of a transition.
On OpenWrt snapshots directly wildcarding works now also through dnsmasq and PBR.
-- edit --
I did re-read your post, but it will be complicated due to the nature of how the wildcarding works in dnsmasq, but not impossible. Either you can add the subdomains in one of the 2 types of policies (you can only have 1 type active) and then be creative; however, you cannot use the root domain itself because it also applies to all subdomains. dnsmasq creates an ipset from all IPs visiting that domain, and from that ipset policies are used.
I also have turned on my second Flint 2, which is out of use for being a dumb AP, and these 2 types of policies are there.
Yeah, I thought about doing that, but the issue is you can't have device targeted/MAC and domain targeted at the same time. I want my TV to go through the VPN, but I also want a few URLs to go through it too when using my phone or PC etc.
I guess I could add the URLs that I want inside the WireGuard config, then use the device targeted mode to run it on my TV only. That might work, but I would hate to do that every time I want to change something.
Thanks for the info. The issue is it's not "subdomains"; like someone pointed out, sites like YouTube, for example, use Google domains, and if Google is blocked by my ISP, YouTube won't work. There are many other sites like this too (HBO, Hulu, etc.) that I want on my TV, but they're blocked in the UK.
If I use device targeted mode that will fix it, but I also need URL targeted mode too. It would've been super nice if we could have them both running at the same time.
Already did that with Wireshark, got all the domains, and it was working fine for a week; then the domains changed around a bit and it stopped working. Guess I will just have to wait and hope mixed mode gets added, or something like Asus Fusion would be great.
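Added example, not written by anyone in this thread and not GL.iNet or OpenWrt code: a small model of the dnsmasq ipset behaviour described above, showing why a domain policy covers a domain and its subdomains but misses linked domains and lookups that never reach the router's DNS. All hostnames and the `POLICY`/`LOOKUPS` data are constructed, and the two-label grouping in `candidate_entries` is a naive assumption that ignores public suffixes such as `co.uk`.

```python
# Model of dnsmasq-style domain matching for a domain-based VPN policy.
# Sample data is constructed for illustration; nothing here talks to a router.

POLICY = ["video.example"]  # constructed policy entry

LOOKUPS = [  # (queried name, answered by the router's dnsmasq?) - constructed
    ("video.example", True),
    ("www.video.example", True),
    ("notvideo.example", True),            # shares a suffix string, not a label
    ("cdn7.media-cdn.example", True),      # linked domain on another name
    ("login.accounts-sso.example", True),  # linked domain on another name
    ("img.video.example", False),          # client used its own DNS resolver
]

def matching_entry(name, policy):
    """Return the most specific policy entry covering name, or None.

    Matching is on label boundaries: an entry covers itself and every
    subdomain, which is why the root domain cannot be split from its subdomains.
    """
    name = name.rstrip(".").lower()
    hits = [d for d in (p.strip(".").lower() for p in policy)
            if name == d or name.endswith("." + d)]
    return max(hits, key=len) if hits else None

def classify(lookups, policy):
    """Sort lookups into: routed via VPN, no policy entry, or DNS bypassed."""
    result = {"vpn": [], "no_entry": [], "dns_bypassed": []}
    for name, via_router in lookups:
        if matching_entry(name, policy) is None:
            result["no_entry"].append(name)      # IP never added to the set
        elif not via_router:
            result["dns_bypassed"].append(name)  # dnsmasq never saw the query
        else:
            result["vpn"].append(name)
    return result

def candidate_entries(names):
    """Group uncovered names by their last two labels (naive heuristic)."""
    return sorted({".".join(n.rstrip(".").split(".")[-2:]) for n in names})

if __name__ == "__main__":
    r = classify(LOOKUPS, POLICY)
    for bucket, names in r.items():
        print(f"{bucket:13} {names}")
    print("consider adding:", candidate_entries(r["no_entry"]))
```

The `no_entry` bucket is the list that has to be re-derived whenever a site moves its content to different domains, which matches the breakage reported after a week.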