I have setup a VLAN for guest wifi. In addition, I have a VPN setup on the router such that all of this VLAN internet access goes out through the VPN using the "Routing Policy" feature. I have also enabled LAN to LAN1 in the "LAN Access" page, hoping to be able to access clients on the guest VLAN from the main LAN. However, it appears that the routing policy is sending all response packets through the VPN instead of back to the main LAN. This implies that, at least via the GUI, these features are mutually exclusive. Will I need to use custom iptables rules in the Firewall scripts page to achieve what I want?