VPN Policy Mode by Specified Devices (Client MAC) Not Working

orangemoss · September 19, 2025, 7:53pm

Hello,

I cannot get Policy Mode by Specified Devices (Client MAC) to work. Here is my scenario

I have 2 tunnels, 1 primary, one secondary. I have Primary tunnel vpn location set to Seattle (i am making up locations for both vpn examples). I have Secondary tunnel vpn location set to Dubai. Now, i wanted the Secondary tunnel to be based on Specified Devices. I took the MAC addresses for the 4 devices i wanted on the Secondary tunnel, and input them. (note - the MAC addresses are not rotating. One MAC is fixed, the other MACs have the default MAC settings). However, none of the 4 devices are showing the vpn location of the Secondary tunnel (Dubai). All 4 devices show IP location of tunnel Primary, Seattle. Why are the devices on the secondary tunnel not showing the secondary tunnel’s locaiton?

Note - router firmware is upto date and most recent. one device is apple product, but icloud relay is not on.

orangemoss · September 19, 2025, 8:27pm

also i have killswitch enabled to each individual tunnel. All Other Traffic is off.

will.qiu · September 20, 2025, 6:56am

Hi

VPN tunnels have priority settings.

If your primary tunnel is configured as follows:
From - All Clients
To - All targets
Via - Seattle
it will match these four devices.

Try dragging your Secondary tunnel to a higher priority to see if that resolves the issue.

orangemoss · September 20, 2025, 5:16pm

xtremly obvious, thx will. cant beliee i did not think of that