Hi al,

I have a Draytek Vigor 2927 running the latest firmware.  My LAN runs multiple VLAN/Subnets.

I have a NordVPN subscription.  I have a number of outbound router level VPNs set up that connect to various Nord servers across the globe.

If I route one of my devices on the LAN, say a laptop through a NordVPN connection via the routers 'route policies' facility, it appears to work and I can still ping other local devices on the LAN. For example I could connect to a Nord server in Armenia and my device would get a WAN IP located in that country (using 'What is my ip') and I can still ping and communicate with local network devices.

However, if I connect to a NordVPN server via the Wireguard App on my iPhone for example it completely cuts off any communication with other local devices.  So if I connect my iPhone to a NordVPN server (whilst still connected to my local LAN) I cannot ping anything on the local subnet.  For clarity I'm not using a route policy for my phone - just a direct connection to NordVPN via the Wireguard iOS app

I'm guessing its some sort of routing issue but I dont know where to start

Hi Jonathan ,

Sounds like the 'Wireguard iOS app' is doing a catch-all and routing all traffic through the VPN tunnel, this isn't a bug, it's a feature. Some apps will allow you to toggle or enable/disable the "route all traffic via the tunnel" option.

Totally depends on the device, the app, the VPN provider etc... It'll be a routing table situation (within the iPhone), controlled by one these items; or several of them.