VPN Policies on 4.2.1

I’m a little embarrassed but I can’t seem to wrap my head around how to accomplish what I was able to with VPN policies back on v3.x

I’m using the Flint AX1800, and essentially I want all traffic to go through the VPN except for a few specific domains. In the old firmware, it was as simple as a VPN policy of ‘Do not use the VPN for these domains’ and a list of addresses.

Now it seems like you either use the VPN for everything (Global Proxy), or you have to do specific routes for everything that is allowed in order to also have a list of what’s not allowed. Am I missing something that should otherwise be obvious?

Please switch Proxy Mode to Based on the target domain or IP in VPN dashboard page.

That makes sense but the policy mode ‘Based on the target domain or IP’ requires defining everything you want to go through the VPN as well as what doesn’t go through the VPN… so how to configure that? It doesn’t appear to support a wildcard of * for allow…

What kind of rules do you need to configure? *.abc.com or www.a*b.com?
For the former, all you need to do is enter abc.com.

I want all traffic to go through the VPN except just a few domains. How can I do that? It doesn’t seem to accept a wildcard for the allow, so I don’t know how to configure it to be like the old firmware version, which seemed to have an implicit allow ‘all’ for the VPN and allowed configuration for just the exceptions of what shouldn’t go through the VPN. Does that make sense?

Please take a look at the text on the interface. In this case, all traffic will use the VPN except when accessing the domain/IP in the list.