Help with VLANs and Routing Some VLANs to Bypass VPN (ER7206 + Omada)

a week ago - last edited a week ago

Hi everyone,

 

I’m new to networking and diving into Omada for my home setup, so bear with me if this is a noob question! I’m running an Omada software controller with an ER7206 router and an EAP610 access point. My internet comes through fiber, and I’ve set up a third-party VPN provider using WireGuard at the router level for privacy.

 

What I’m Trying to Do:
I want to route traffic for some VLANs through the VPN while letting other VLANs bypass it and use the regular internet connection directly. For example:

  • Devices like PCs and phones on certain VLANs should go through the VPN for privacy.
  • Gaming consoles and devices on other VLANs should bypass the VPN because they don’t work well with it or just don’t need it.

 

The Challenges I’m Facing:

  1. I’m not entirely sure I’ve set up my VLANs correctly. I’ve tried creating both LAN and WLAN VLANs, tagging the devices appropriately, but I’m not confident it’s done right.
  2. I can’t figure out how to create the routing rules or policies needed to make some VLANs use the VPN and others bypass it. I’ve read a lot of documentation, but most of it focuses on remote-access VPNs instead of using a third-party VPN for privacy.

 

What I’ve Tried So Far:

  • Set up the VPN at the router level (it’s working fine for all traffic).
  • Created VLANs and tagged devices based on how I want traffic to flow.
  • Looked into routing options but got stuck figuring out how to separate traffic for the VPN vs. regular internet.

 

What I Need Help With:

  1. Can someone confirm how to set up VLANs correctly for both LAN and WLAN? A simple step-by-step or a pointer to a good guide would be amazing.
  2. How do I configure routing rules so certain VLANs use the VPN while others bypass it? Is there a straightforward way to do this in the Omada controller, or will it require additional configurations?

 

I really appreciate any help or advice. I’m trying to learn as I go and might not have all the right terms down, so thanks for your patience!

#1
Re:Help with VLANs and Routing Some VLANs to Bypass VPN (ER7206 + Omada)
a week ago - last edited a week ago

  @JohnDoe999 

 


 

 

1. You will find a description of how to create a VLAN here:

https://community.tp-link.com/en/business/forum/topic/656144

 

2. What you are trying to do is not possible now, but in version 5.16.x policy routing will be added to WireGuard and then you will most likely be able to route more flexibly. So unfortunately you will have to wait.

 

 

#2
Re:Help with VLANs and Routing Some VLANs to Bypass VPN (ER7206 + Omada)
a week ago
Thank you for the response, it's a big help. So it isn't currently possible with WireGuard. Would it be possible if I use OpenVPN instead? This is also an option with my VPN provider.
#3
Re:Help with VLANs and Routing Some VLANs to Bypass VPN (ER7206 + Omada)
a week ago

  @JohnDoe999 

 

 

No, it's the same with OpenVPN. There appears to be policy routing at some point in controller version 5.15.xx.xx. The only thing that has policy routing is L2TP, if you can use it? There is also PPTP, but I don't recommend using that; it is outdated and insecure. I hope TP-Link removes PPTP from the router soon, to be honest.

 

 

#4