Hardware: Archer BE550 Pro v1.6 (Pro model not listed in the Model drop down)

The VPN client does not force all traffic through the tunnel and it does not have a killswitch. I have learned that I was leaking when I discovered my device or guests devices were not routed through the tunnel unless I log in and allow every instance of a new device through the tunnel. Also my phone, PC, and streaming stick, etc randomizes their MAC addresses so they are exposed whenever that happens. It is not a best practice to force other devices to lower their security.

This seems like a vulnerability and it is also very inconvenient to keep an eye on every instance of a new device in the home, log in and allow them through the VPN. It's a better practice that when vpn is enabled, the router should force all traffic through the vpn unless each device is assigned otherwise.

Can a VPN Client request be made to 1. force all traffic throught he VPN and 2. add a killswitch. thank you