[johnnyNobody999]

Section: Client with two peers one to VPN provider other to own server.

I have a question about the PBR instructions. It seems to be a little out of date (I just downloaded the most recent pdf). It states that all addresses in the PBR field are routed through the VPN to the commercial VPN provider (i.e. nordvpn). I just want to clarify this because I setup PBR to route certain ports and certain clients to go to the WAN instead of to the VPN - there's a drop down box that allows what's in the PBR field to be routed to the WAN to essentially bypass the VPN. There are some check boxes not mentioned, also (i.e. Bypass LAN Same-Origin Policy). Actually, there are quite a few options not mentioned in this section. Anyway, I did my best to follow the instructions but was unable to get the clients on my WG server to be routed out on the nordvpn client. I messed things up so badly that I had to restore a known working backup. I've attached screenshots of the nordvpn setup.

Netgear R9000 running firmware 59171

Update1: After much reading, my solution seems to be working OK but I hope it's not going to cause other problems. So far so good. I placed this in the Source routing (PBR) for my WG server (oet1) and got my wifi clients (phones) working when I'm on cell data or some hotspot: sport $(nvram get oet1_port). I had to select "Route Selected sources via WAN" from the drop down box. My WG client to nordvpn is on the oet2 tunnel. According to the IP info, I'm operating within the tunnel to nordvpn so I guess it's OK?