Hey @ssddone,
Thanks for sharing the setup details — super helpful! If you're still running into trouble with the policy-based routing, one thing you might want to double-check is whether your WireGuard tunnel is correctly assigned to a gateway group and that the firewall rule for LAN devices (like 192.168.1.8) explicitly uses that gateway. Sometimes a simple misconfiguration there can prevent traffic from going through the WG tunnel, even if the handshake is successful.
Also, ensure that "Skip rules when gateway is down" is disabled under System > Settings > General, especially if you're testing while the tunnel is not always up.
If you're using DNS to route specific traffic, don't forget to account for DNS leak protection — some people use Unbound with custom forwarding rules or DNS overrides to keep DNS traffic in the same policy route.
Let us know if you found a fix — this could help others too!