I’m trying to figure out how to route only certain VLAN traffic over a VPN like PIA. Most of the guides I see are for routing all traffic over the VPN.
If you have, say, VLANs for ISP and Guest going out your default WAN (being your ISP), then on, say, your VPN VLAN you just need to have a rule directing your exit out of your VPN WAN instead of the default.
I’ve basically done that for my VPN_vLAN; all traffic on that VLAN exits via my VPN service.
This. Also, if you have traffic going to two different gateways under the same network, don’t forget to set a kill switch for the devices required to go out the VPN (if you really want that).
Did you have to set up any NAT outbound rules like in the PIA tutorial, or did you just make an interface for the VPN and assign the VPN VLAN firewall rules to use that interface/gateway?
Yes, as @David says, set the killswitch under System > Advanced and select Miscellaneous, then in Gateway Monitoring ensure the following option is set:
Skip rules when gateway is down = Yes/checked