I have WireGuard Client running on my Flint 2 router, which is configured as follows:
Route Mode: Customize Routing Rules
Block Non-VPN Traffic: Off
Allow Access WAN: Off
Services from GL.iNet Use VPN: Off
Remote Access LAN: Off
IP Masquerading: On
MTU: blank
The only routing rule I have is this one:
What I want to achieve is to let qBittorrent, running on 192.168.20.111, bypass the VPN. I need to be able to port forward qBittorrent, and using Proton VPN I can achieve this with natpmpc, but I have to get a new port every reboot. So I wanted to let qBittorrent bypass the VPN so that I can port forward properly without having to update it constantly to a new port.
The problem is, however, that when the VPN is on, I can't reach my qBittorrent port (using my real IP). When the VPN is off, it's reachable. I think it has something to do with the response coming back via the VPN instead of my real IP.
I have tried many routing rules but none of them seem to work. I am aware that there is a "Policy Mode" option based on target domain / IP address, but when I enter qBittorrent's IP address in there with the option "Don't Use VPN", it still uses the VPN. Plus, using that mode masquerades all local IP addresses as the default gateway, which is not good for DNS monitoring in AdGuard Home.
I have WireGuard Server running as well, which is connectable through my real IP, and WG Server responds back with my real IP as well (I think), otherwise the connection wouldn't be established. I want to achieve the same thing with qBittorrent but I have no idea how.
If anyone can help me with adding the correct routing rule to bypass the VPN for a single device/IP that would be great...