Hi everyone,
Apologies for the delay. as I had desisted I must admit I did not visit this post in a while.
However, I am happy (and highly ashamed) to relate that the issue is resolved and was caused by a somewhat embarrassing faulty setup on my part.
This:
and this:
Made it click for me.
I know this has been beaten to death all over the documentation, and even pointed out to earlier in this very thread! I even thought I had understood this.
However, my brain had all this time failed to connect the fact that: The rules are set up in the AppVM and applied in (as in: by -and not ON) the FirewallVM. Took me reading the docs for a millionth time and the above quoted sections of your posts to realize that.
The set up had probably been working all this time, I was just mistakenly configuring the rules in the FirewallVM thinking that the FirewallVM would apply them on the VPN VM. Now, it is painfully obvious this would never work, as previously explained by all of you, because the rules are applied by the VPN VM itself; and since it cannot (by design?) resolve hostnames, no traffic would come out of it.
I profusely apologize for wasting everyone’s time “troubleshooting” something which wasn’t broken, just misconfigured due to a lack of context on my part.
I also thank you very much for your patience and the valuable knowledge you have provided me with throughout this process.
I hope I can return the favor to other users at some point.
SU