VPN as WAN traffic

I have successfully set up VPN as WAN with NordVPN. I have successfully gotten it to work. My use case is to have only one VLAN tied to it. I have successfully completed all of that. What I can’t figure out is how to lock in the VPN as WAN to only be used by the VLAN I have specified in outbound rules.

Basically, the only way that I can get the VPN WAN to be active is to place it in priority one, second position underneath the actual Starlink connection. When I do this, inevitably, every time at some point, the connection of my primary VLAN always rolls over to the VPN WAN. I wouldn’t be able to pinpoint when this happens, but I am sure that it is during a small micro outage, or something that is triggering it to roll over to position 2 WAN.

Any suggestions?

Summary:

2 VLANs

VLAN 1 always tied to physical WAN connection with no chance of it rolling to WAN 2 (VPN as WAN)

VLAN 2 always tied to VPN as WAN connection with no chance of failover to physical WAN.

Bumping for increased views

Use outbound policy. Create an outbound policy that has a source of your VLAN 1, enforced to WAN2, no failover.

Create a second outbound policy that sources VLAN 2, enforces VPN with no failover.

I was playing with VPN as WAN today and found that all traffic seemed to end up going via the VPN eventually, no matter what outbound policies I had set. I think it’s because the OpenVPN config I used for the VPN as WAN connection has a default route forcing all traffic out via the VPN.

Also, it feels wrong that the OpenVPN connection isn’t established unless it is at priority 1. Other WANs work fine in lower priorities.
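One way to test the default-route theory in the post above is to scan the `.ovpn` file for directives that install, or let the server push, a default route. This is an added example, not part of the thread and not vendor code; the sample config is constructed, and whether the router's OpenVPN client honours `route-nopull` or `pull-filter` is an assumption this thread does not settle.

```python
import shlex

# Constructed sample config for illustration; not a real provider file.
SAMPLE_OVPN = """\
client
dev tun
remote vpn.example.net 1194 udp
; legacy-style comment
redirect-gateway def1   # set locally
route 10.8.0.0 255.255.255.0
<ca>
(constructed placeholder for inline certificate data)
</ca>
"""

# Destination/netmask pairs that alone or as a pair cover all of IPv4.
DEFAULT_ROUTES = {("0.0.0.0", "0.0.0.0"), ("0.0.0.0", "128.0.0.0"),
                  ("128.0.0.0", "128.0.0.0")}

def directives(text):
    """Yield tokenised directives, skipping comments, blanks and inline <tag> blocks."""
    block = None
    for raw in text.splitlines():
        line = raw.strip()
        if block:
            if line == "</" + block + ">":
                block = None
            continue
        if line.startswith("<") and line.endswith(">"):
            block = line[1:-1]
            continue
        if not line or line[0] in "#;":
            continue
        tokens = shlex.split(line, comments=True)
        if tokens:
            yield tokens

def default_route_findings(text):
    """Return (kind, detail) tuples for anything that can install a default route."""
    found, names, filtered = [], set(), False
    for t in directives(text):
        names.add(t[0])
        if t[0] == "redirect-gateway":
            found.append(("local", " ".join(t)))
        elif t[0] == "route" and len(t) >= 3 and (t[1], t[2]) in DEFAULT_ROUTES:
            found.append(("local", " ".join(t)))
        elif t[0] == "pull-filter" and len(t) >= 3 and t[1] == "ignore":
            filtered = filtered or "redirect-gateway".startswith(t[2])
    # In client/pull mode the server can push redirect-gateway unless it is blocked.
    if names & {"client", "pull"} and "route-nopull" not in names and not filtered:
        found.append(("pushed", "server may push redirect-gateway"))
    return found
```

An empty result means the file neither sets nor accepts a default route; a `pushed` finding means the client config alone cannot rule one out.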

Thanks for your reply. That is what I found as well. Hoping someone can shed some light on it.