I've completed v2 of the Routing Policy fixup script. http://bit.ly/tomato-routing-policy-fix-v2 If you use the auto-installer (as described in the documentation), it will download the file to /jffs/etc/config as an init script. The router will automatically start the script on a reboot. It should work w/ Shibby and most variants (e.g., FreshTomato). All I had to test at the moment is FreshTomato (2019.2). It addresses the following two (2) bugs. https://tinyurl.com/y5h6mjbp https://tinyurl.com/yxqd4gsz If a problem is discovered and corrected, it will report "routing table <table-id> updated/modified" in the syslog. Even if you don't think you have a problem, you might want to run it just to be sure. If you fall victim to the second bug, then unless you're using a kill switch, there's a window of opportunity between the problem occurring and being detected where traffic being directed over the VPN will be directed back to the WAN/ISP. When the alternate routing table is not properly configured w/ a default gateway, the routing system falls through to the main/default routing table for resolution, and find the ISP's default gateway. At least w/ a kill switch, you'll only experience a brief internet outage. The default time between checks is 120 secs. If you find your OpenVPN configuration is generating lots of soft restarts (most ppl wouldn't even notice, they happen so quickly and briefly), you might want to reduce this to something more appropriate, perhaps 20 secs in the worst case. The one remaining problem I couldn't correct was the possibility of using the wrong VPN ip as the default gateway. I have no more ability to correct that problem than the Routing Policy feature itself. But I think the likelihood of that becoming a problem is very low.