Setup: All devices of a group are going out through Nord VPN. I have a single WAN and single VPN client setup.
I want all devices of that group to bypass Nord for a specific site, because that site is blocking known VPN providers (in this case, lowes.com).
I’ve tried Policy Based Routing, but that doesn’t seem to work with whatever I try. Any thoughts on how to accomplish this?
I’d eventually like to create a target list, and all the websites specified there would bypass the VPN.
Ahh. Support just got back to me. This is available on 1.973. I’ll have to wait for that, as I don’t want to sign up for early access since my wife and I both work from home. Thanks all for digging in!
I’m thinking the issue is that you are using the DNS for Nord, so Firewalla cannot see the request.
If you go to the VPN client, select the VPN profile, and disable “Force DNS over VPN”, this will use Firewalla DNS and the route should then work.
Can’t you just set up a domain route for Lowe’s.com for your device group to go over WAN instead of VPN? You still have your rule for Internet for device group route to VPN, but when Lowe’s.com gets accessed it should route over VPN.
Same issue
I’ve changed the Interface from WAN to VPN and back to no avail, along with disabling the above setting.
That’s what I’ve done, other than the last part of your statement, it should go over WAN. It should just “work” but it doesn’t.
I did a test and it worked for me. Make sure to also clear the DNS cache on the device by disconnecting from the network and re-connecting.
The test I did was to create a route to bing.com going out of my WAN, and I have VPN client with my iPhone. I went to Google and did a ‘What is my IP’ and it showed the VPN, then did the same on bing and it came back with my ISP IP.
Last, I removed the route, disconnected/re-connected to wifi to clear the DNS cache on my phone, and went to bing.com and saw the IP of the VPN provider.
No luck
I’ve tried every iteration I can think to test, along with different machines, iOS, Android, Linux, and Windows, to no avail. It has the feel of the Firewalla ignoring any routes I put in place. If you all can’t think of anything else, I’ll pass it on to support.
I assumed initially that it was as simple as adding a route as you’ve suggested. It doesn’t seem to work in my case. I wonder if there is some other setting somewhere that I’m overlooking.
Thanks for the assist!