macster2075
Very Senior Member
I can't find where in the router GUI this section is: "Tools > Other Settings > "Wan: Use local caching DNS server as system resolver (default: No)" to Yes"

I can't do anything about the VPN not working w/ specific websites. You may have to dedicate a device that's off the VPN for those purposes. Or else identify the public IP(s) of those institutions and route them (as remote IPs) over the WAN using routing policy.
As far as DNS leaks, the better option these days is probably to configure DoT on the WAN and set Tools > Other Settings > "Wan: Use local caching DNS server as system resolver (default: No)" to Yes. This will encrypt all your DNS and route it over the WAN while preserving access to DNSMasq. Just be sure to set Accept DNS Configuration on the VPN to Disabled.