VPN Cascading with Domain or IP based policy

Can someone please provide a simple guide on how to set up VPN cascading with a domain/IP based policy?

I have been trying to achieve the following unsuccessfully:

I have a Brume 2. I can connect it to a paid VPN service (OpenVPN) as a client. I want all my traffic except the IPs and domains specified to go through this VPN service. I want to be able to connect to my Brume 2 remotely as a client using my Android phone, PC or TV. I want this traffic to also be tunneled through the VPN service, except for the specified IPs or domains.

I have tried to follow several examples online but nothing I do works. The way I have been testing it is to add fast.com (Netflix speedtest) to the list that should not go through the VPN, connecting to my Brume 2 via WireGuard from my laptop and hitting that site. The location it shows is the same as when I try a different IP location or speed testing site. They should be different. The fast.com location should be the location on my Brume 2, and any other site should bring me back a different IP and location.

Can someone please help me with a simple, step-by-step guide please? Do I need to change DNS settings etc.?


When using VPN cascading, all data will go to your paid VPN service. The VPN policy on the router does not work.
The policy should be done on the client side (i.e. your phone).
This is by design now.
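Added example, not part of the original thread or the vendor's documentation: one way to express a client-side policy on a WireGuard client is to list in `AllowedIPs` everything except the addresses that should bypass the tunnel, and this sketch computes that list. It assumes a stock WireGuard client, where `AllowedIPs` takes IP ranges and not domain names, so a domain would first have to be resolved to its current addresses; the excluded addresses below are constructed documentation ranges.

```python
import ipaddress


def allowed_ips(excluded, base="0.0.0.0/0"):
    """Return the CIDR blocks that cover `base` minus every network in `excluded`."""
    remaining = [ipaddress.ip_network(base)]
    for item in excluded:
        cut = ipaddress.ip_network(item, strict=False)
        kept = []
        for net in remaining:
            if cut.version != net.version or not cut.overlaps(net):
                kept.append(net)          # untouched by this exclusion
            elif cut.supernet_of(net):
                continue                  # block is entirely excluded
            else:
                # cut lies inside net: split net around it
                kept.extend(net.address_exclude(cut))
        remaining = kept
    return sorted(ipaddress.collapse_addresses(remaining))


def allowed_ips_line(excluded, base="0.0.0.0/0"):
    """Format the result as the AllowedIPs line of a WireGuard [Peer] section."""
    return "AllowedIPs = " + ", ".join(str(n) for n in allowed_ips(excluded, base))


def routed_through_tunnel(address, networks):
    """True if `address` matches one of the AllowedIPs blocks."""
    ip = ipaddress.ip_address(address)
    return any(ip in net for net in networks)


if __name__ == "__main__":
    # Constructed sample: addresses that should bypass the tunnel.
    bypass = ["192.0.2.10/32", "203.0.113.0/24"]
    nets = allowed_ips(bypass)
    print(allowed_ips_line(bypass))
    for probe in ("192.0.2.10", "203.0.113.77", "198.51.100.5"):
        print(probe, "-> tunnel" if routed_through_tunnel(probe, nets) else "-> direct")
```

The client's `DNS =` setting is independent of `AllowedIPs`, so check separately which resolver the bypassed destinations are looked up through.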