I also have an SSID that doesn’t get VPN’d, though my DNS is always VPN’d.
As for accessing JellyFin, etc., I think we have somewhat different setups. My self hosted services are by default accessible without a VPN (SSID is on a VLAN with e.g. 192.168.0.0/24, servers are on 192.168.1.0/24, router routes between them). For the blanket VPN’d SSID I have a routing rule that routes over the main, not VPN, table, so local services can be accessed.
So: local traffic has a rule to route without VPN, reddit routes with a specific VPN, and general traffic routes with a different VPN.
There are lots of VLANs involved in my setup, and I’m sure it’s overly complicated and has gaping security issues, but it’s just a home network and it’s kinda fun :(
I also have an SSID that doesn’t get VPN’d, though my DNS is always VPN’d.
As for accessing JellyFin, etc., I think we have somewhat different setups. My self hosted services are by default accessible without a VPN (SSID is on a VLAN with e.g.
192.168.0.0/24, servers are on192.168.1.0/24, router routes between them). For the blanket VPN’d SSID I have a routing rule that routes over the main, not VPN, table, so local services can be accessed.So: local traffic has a rule to route without VPN, reddit routes with a specific VPN, and general traffic routes with a different VPN.
There are lots of VLANs involved in my setup, and I’m sure it’s overly complicated and has gaping security issues, but it’s just a home network and it’s kinda fun :(
Haha don’t sweat it, I certainly won’t be poking holes in your config. Thanks for the rundown!