Policy Based Routing
Just created a couple of NordVPN OpenVPN tunnels and set up a Gateway group.
Am I correct in stating my non VPN routed networks needs to be set up like this:-
Where h_ip_local = my local subnets excluding the Nord routed network.
Everything seems to be working fine, first go at multi WAN & policy based routing :)
You essentially have two choices when dealing with an OpenVPN provider "WAN."
DO NOT check Don't pull routes in the OpenVPN client configuration and policy route the traffic you DO NOT WANT to go over the VPN.
DO check Don't pull routes in the OpenVPN client configuration and policy route the traffic you DO WANT to go over the VPN.
I generally prefer option 2 but that presents problems if you do not understand the ramifications of the fact that connections originating FROM THE FIREWALL ITSELF cannot easily be policy routed.