Wireguard selective routing for all except those listed in the alias

[autone]

Hi all,

I followed, https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html and got my OpnSense to connect to AirVPN and all is working well.

ProTIP for those new to this: Adjust the MSS to 1300 or you will get slow speeds and dropouts.

Anyway, I want to do the opposite of selective routing. I want all LAN devices to default to being routed over Wireguard and have a list of IPs in an Alias that must have traffic go directly to WAN.

I tried selecting "Source / Invert" on the Alias but it isn't working as I expected. Anyone care to provide any hints?

Thanks.

[autone]

Managed to figure it out.

Used 'Network Group Aliases' to put the whole network as forwarded to WG and another list for exclusions.