@David-TP 

That is stupid and non-standard. A crippled implementation, as OpenVPN is, too. Every free WireGuard app uses these parameters, and not wanting to route the whole traffic through the VPN is the simplest thing. Without that the whole WireGuard thing on Deco is useless...

David-TP wrote

  @eth2 

Hi, welcome to the community.

I'm afraid the current network behavior is expected. You might need to only select the hardware IP Phones as the VPN clients, instead of All clients under "Access Permission“.

 

I consulted the engineer about the possibility of selectively routing network traffic through the WireGuard VPN connection earlier. and Deco is unable to permit partial network traffic on the same device through VPN tunnels; it's either all or none.

 

Thank you very much and best regards.

  @eth2 

I did spend 8 hours of work into the OpenVPN-Client on my Deco network, and it shows the same non-standard behavior! It seems the X50 is crippled, so it does not interfere with the business products. I won't recommend the Decos to anyone who is doing VPN at all, as there is also no way to debug the connections. My work time is more worth than all five X50s in my home, and I'm going to recycle them as mesh access points only and build myself a decent router with OPNSense...

Routers with OpenWRT can do point routing via VPN. TP-link routers are made on the OpenWRT base. There are no technical problems.

Playing with Wireguard triggered a 100% cpu load on my main Deco router which persisted even after I removed the Wireguard profile. This made the network come to a complete halt and the Deco reboot itself every 5-10 minutes. I could only fix this by factory reseting each Deco and recreating the network from scratch. I agree, Deco is a disappointment. Never again will I buy anything from TPLink.