Hi all,
I followed, https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html and got my OpnSense to connect to AirVPN and all is working well.
ProTIP for those new to this: Adjust the MSS to 1300 or you will get slow speeds and dropouts.
Anyway, I want to do the opposite of selective routing. I want all LAN devices to default to being routed over Wireguard and have a list of IPs in an Alias that must have traffic go directly to WAN.
I tried selecting "Source / Invert" on the Alias but it isn't working as I expected. Anyone care to provide any hints?
Thanks.
Managed to figure it out.
Used 'Network Group Aliases' to put the whole network as forwarded to WG and another list for exclusions.