diff --git a/src/build.bash b/src/build.bash
index 9db1edc..f4b3532 100644
--- a/src/build.bash
+++ b/src/build.bash
@@ -62,6 +62,11 @@ for profile in $profiles; do
 sed -i "s/option version .*/option version '$release_version'/" "files/etc/config/routro"
 sed -i "s/option profile .*/option profile '$profile'/" "files/etc/config/routro"
+ # Check and copy profile-specific network config if it exists
+ if [ -f "files/etc/config/network.d/$profile.conf" ]; then
+ cp "files/etc/config/network.d/$profile.conf" "files/etc/config/network"
+ fi
+
 IMAGEBUILDER_REPO="openwrt-imagebuilder-$PATH_PART.Linux-x86_64"
 cd "$IMAGEBUILDER_REPO"
diff --git a/src/files/etc/config/firewall b/src/files/etc/config/firewall
index fc33240..cfd916f 100644
--- a/src/files/etc/config/firewall
+++ b/src/files/etc/config/firewall
@@ -29,6 +29,15 @@ config zone 'wwanzone'
 option masq '1'
 option mtu_fix '1'
+config zone 'wan2zone'
+ option name 'wan2zone'
+ list network 'wan2'
+ option input 'REJECT'
+ option output 'ACCEPT'
+ option forward 'REJECT'
+ option masq '1'
+ option mtu_fix '1'
+
 config zone 'wg0zone'
 option name 'wg0zone'
 list network 'wg0'
@@ -53,6 +62,10 @@ config forwarding
 option src 'lan'
 option dest 'wwanzone'
+config forwarding
+ option src 'lan'
+ option dest 'wan2zone'
+
 config forwarding
 option src 'lan'
 option dest 'wg0zone'
@@ -65,6 +78,10 @@ config forwarding
 option src 'guest_zone'
 option dest 'wwanzone'
+config forwarding
+ option src 'guest_zone'
+ option dest 'wan2zone'
+
 config forwarding
 option src 'guest_zone'
 option dest 'wg0zone'
diff --git a/src/files/etc/config/pbr b/src/files/etc/config/pbr
index 1016120..193b537 100644
--- a/src/files/etc/config/pbr
+++ b/src/files/etc/config/pbr
@@ -24,7 +24,7 @@ config pbr 'config'
 list webui_supported_protocol 'udp'
 list webui_supported_protocol 'tcp udp'
 list webui_supported_protocol 'icmp'
- list supported_interface "wan wwan wg0"
+ list supported_interface "wan wan2 wwan wg0"
 config policy
 option name "IrIp to wan"
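Review bot: In src/build.bash the added `cp` overwrites the shared `files/etc/config/network` inside the `for profile in $profiles` loop and nothing puts it back, so a later profile without its own `network.d/$profile.conf` would be built with the previous profile's network config still in place. That also decides which devices end up with `network.wan2`, which the rc.local guard in this commit keys on. Restore a pristine copy of the file at the top of each iteration (or in an `else` branch) and stop the build on a failed copy, e.g. `cp "files/etc/config/network.d/$profile.conf" "files/etc/config/network" || exit 1`. If the whole `files/` tree is handed to the image builder, which this hunk does not show, every image would also carry `network.d/` with all profiles' configs. The loop body starts and continues outside the hunk.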
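Review bot: In src/files/etc/config/firewall, `wan2zone` is defined for every image, while the build.bash change in this commit suggests `wan2` exists only where a profile-specific network file supplies it; a comment above the zone would record that, e.g. `# second WAN uplink; only present on profiles whose network config defines wan2`. The two later hunks open forwarding from both `lan` and `guest_zone` to `wan2zone`, so any rules elsewhere in this file that name the existing WAN zones (not visible in these hunks) should be checked for whether they need a `wan2zone` counterpart.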
diff --git a/src/files/etc/rc.local b/src/files/etc/rc.local
index 5cd1f7b..d919fc1 100644
--- a/src/files/etc/rc.local
+++ b/src/files/etc/rc.local
@@ -34,8 +34,11 @@ uci set routro.remote.accesshost="-"
 #################################################################################
 #-------------< Network
 #################################################################################
+# Check if wan2 exists in network configuration
+if ! uci -q get network.wan2 > /dev/null; then
+ # Only apply network settings if wan2 doesn't exist
 # Set default lan IP to 151 range
-uci set network.lan.ipaddr='192.168.151.1'
+ uci set network.lan.ipaddr='192.168.151.1'
 # Set default wan metric
 uci set network.wan.metric='20'
 uci set network.wan6.metric='1'
@@ -60,6 +63,7 @@ uci set network.Guest.proto='static'
 uci set network.Guest.ipaddr='192.168.3.1'
 uci set network.Guest.netmask='255.255.255.0'
 uci set network.Guest.device='brlan-2'
+fi
 #################################################################################
diff --git a/src/files/usr/bin/wg_scripts.sh b/src/files/usr/bin/wg_scripts.sh
index f3bd8fb..5ac6b53 100644
--- a/src/files/usr/bin/wg_scripts.sh
+++ b/src/files/usr/bin/wg_scripts.sh
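Review bot: In src/files/etc/rc.local the new `if ! uci -q get network.wan2` guard treats the presence of `wan2` as meaning that a complete profile-specific network config was installed, and when it is present every default between the two hunks is skipped, including the `network.Guest.*` settings that the firewall's `guest_zone` presumably depends on. State that contract in the comment, e.g. `# profiles that define wan2 must also define lan and Guest themselves; none of the defaults below are applied`, or keep the guest network settings outside the guard. Only the `network.lan.ipaddr` line was re-indented, so the rest of the guarded body, most of which lies outside these hunks, still reads as top-level code; the closing `fi` is the only change in the second hunk.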
@@ -19,14 +19,20 @@ function fix_VPN_route {
 if [ ! -z "$WG_HOST_IP" ]; then
 # Delete existing route if it exists
- ip route del $(ip route | grep "$WG_HOST_IP" | awk '{print $1 " via " $3 " dev " $5}')
-
- WWAN_GW=$(ifstatus wwan | jq -r .data.dhcpserver)
- WWAN_DEV=$(ifstatus wwan | jq -r .device)
+ ip route del $(ip route | grep "$WG_HOST_IP" | awk '{print $1 " via " $3 " dev " $5}') 2>/dev/null
+
+ # Try wwan first, then wan2
+ for INTERFACE in "wwan" "wan2"; do
+ GATEWAY=$(ifstatus $INTERFACE | jq -r .data.dhcpserver)
+ DEVICE=$(ifstatus $INTERFACE | jq -r .device)
- if [ ! -z "$WWAN_GW" ]; then
- ip route add "$WG_HOST_IP" via "$WWAN_GW" dev "$WWAN_DEV" proto static metric 1
+ # Check if we got valid gateway and device
+ if [ ! -z "$GATEWAY" ] && [ "$GATEWAY" != "null" ] && \
+ [ ! -z "$DEVICE" ] && [ "$DEVICE" != "null" ]; then
+ ip route add "$WG_HOST_IP" via "$GATEWAY" dev "$DEVICE" proto static metric 1
+ break # Exit the loop once we've found a valid interface
 fi
+ done
 else
 echo "Failed to resolve WG_HOST ($WG_HOST) to an IP address."
 fi
@@ -87,9 +93,15 @@ elif [ "$1" == "off" ];then
 echo "turn of the wireguard"
 ifdown wg0
- # uci set mwan3.vpn.use_policy='wwan_only'
- # uci commit mwan3
- uci set pbr.@policy[1].interface='wwan'
+ # Try wwan first, then wan2
+ for INTERFACE in "wwan" "wan2"; do
+ # Check if interface exists and is up
+ if [ -n "$(ifstatus $INTERFACE | jq -r '.up')" ] && [ "$(ifstatus $INTERFACE | jq -r '.up')" = "true" ]; then
+ uci set pbr.@policy[1].interface="$INTERFACE"
+ break # Exit loop once we've found a valid interface
+ fi
+ done
+
 uci commit pbr
 fix_VPN_route
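Review bot: In `fix_VPN_route`, when neither `wwan` nor `wan2` yields both a gateway and a device, the loop ends without adding the host route to the WireGuard endpoint and nothing is reported; only the DNS failure has a message. Since the gateway is read from `.data.dhcpserver`, an uplink that is not DHCP-configured would likely always fall through here. Record success before the `break` (`ROUTE_ADDED=1`) and after `done` add `[ -n "$ROUTE_ADDED" ] || echo "No usable uplink (wwan/wan2) for $WG_HOST_IP" >&2`. The new `2>/dev/null` on `ip route del` also hides real failures, and `grep "$WG_HOST_IP"` matches the address as a regex substring, so `grep -F -- "$WG_HOST_IP"` with the substitution guarded against an empty result would be safer. The function starts before the hunk.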
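Review bot: In the `off` branch, if neither `wwan` nor `wan2` reports `.up` as `true`, the loop leaves `pbr.@policy[1].interface` unchanged and `uci commit pbr` still runs, whereas the old code always set it to `wwan`; the policy then presumably keeps pointing at `wg0`, which was just taken down. Set the previous default before the loop, `uci set pbr.@policy[1].interface='wwan'`, or log that no uplink was up. The `-n` test is redundant with the `= "true"` comparison and makes `ifstatus` run twice per interface; `[ "$(ifstatus "$INTERFACE" | jq -r '.up')" = "true" ]` is enough. The `elif` branch starts before the hunk.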