I have set up my WireGuard VPN to an external provider by following the WireGuard Selective Routing to External VPN Endpoint guide (https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html). All firewall rules, etc., are set up as per the guide.
I have 4 clients (on 2 different VLANs) that use this VPN connection for their traffic.
Everything works as expected - No issues.
Question:
Contrary to most people, what I would like is that if this VPN connection drops/disconnects, I would like to have these 4 clients use the normal (default) WAN Gateway - so that internet services are not impacted.
I.e., the opposite of a Kill Switch.
What settings or firewall rules do I need to add to accomplish this? Layman/newbie explanation please...
What I have already tried:
Enabling/disabling the gateway Monitoring Skip Rules check-box seems to have no effect.
As far as I know it is the default behavior for policy based routing.
That is what my guess was as well... but as soon as the VPN Gateway drops, the 4 clients lose their connection to the internet.
I will post my firewall settings shortly, maybe there is an issue there.