Suggestion on VPN Policy (proxy mode in UI)

Currently these modes are supported:

i.e.

  • Destination domain / IP ONLY
  • Source MAC / IP ONLY
  • VLAN ONLY

I would suggest to add support of MIX of them.
There is a plugin named “vpn-policy-routing” in OpenWRT:

With the use of MIXED rules, we can:

  • use of bypass VPN for specific user client, e.g. no VPN for printer or IoT stuff (source MAC / IP)
  • bypass BitTorrent traffic (with aid of DSCP tag)
  • bypass binaries download source (e.g. googlevideo.com) (destination domain)
  • bypass office IP (when remote work is needed) (destination IP)
  • bypass SIP (destination port)

May I suggest adding something like “vpn-policy-routing” onto the UI, or
support the use of “vpn-policy-routing” package in OpenWRT correctly?

Thanks.

1 Like

Thanks for the suggestions. I will call developers to have a check.

This is really mixed rules. It looks good but once have problem, difficult to solve.

Do we really need such complicated setup?

1 Like