I'm trying to understand how VLANs can be used on my ERL and am using this as a reference: https://help.ubnt.com/hc/en-us/articles/204952274-EdgeMAX-Policy-based-routing-source-address-based-
I don't have two LAN subnets, only one, but I would like to set up routing so that some IP addresses use eth0 (WAN interface) and some use vtun0 (VPN) for internet access. The WAN host is 192.168.2.53; the VPN hosts are everything else.
I have two tables set up:
# show protocols
 static {
     table 1 {
         description "server routes"
         interface-route 0.0.0.0/0 {
             next-hop-interface eth0 {
             }
         }
     }
     table 2 {
         description "vpn routes"
         interface-route 0.0.0.0/0 {
             next-hop-interface vtun0 {
             }
         }
     }
 }
And firewall rules that use them (SOURCE_ROUTE):
# show firewall
 all-ping enable
 broadcast-ping disable
 ipv6-receive-redirects disable
 ipv6-src-route disable
 ip-src-route disable
 log-martians enable
 modify SOURCE_ROUTE {
     enable-default-log
     rule 10 {
         action modify
         description "server to eth0"
         modify {
             table 1
         }
         source {
             address 192.168.2.53
         }
     }
     rule 20 {
         action modify
         description "clients to vpn"
         modify {
             table 2
         }
         source {
             address 192.168.2.0/24
         }
     }
 }
 name WAN_LAN {
     default-action drop
     description "packets from WAN to LAN"
     enable-default-log
     rule 1 {
         action accept
         description "Allow established sessions"
         log disable
         protocol all
         state {
             established enable
             invalid disable
             new disable
             related enable
         }
     }
     rule 2 {
         action drop
         description "drop invalid state"
         log disable
         protocol all
     }
 }
 name WAN_ROUTER {
     default-action drop
     description "packets from WAN to Router"
     enable-default-log
     rule 1 {
         action accept
         description "Allow established sessions"
         log disable
         protocol all
         state {
             established enable
             invalid disable
             new disable
             related enable
         }
     }
     rule 2 {
         action drop
         description "drop invalid state"
         log disable
         protocol all
     }
 }
 receive-redirects disable
 send-redirects enable
 source-validation disable
 syn-cookies enable
[edit]
And last but not least, the interfaces with the VLANs that use the firewall rules:
# show interfaces
 ethernet eth0 {
     address dhcp
     description WAN
     dhcp-options {
         default-route update
         default-route-distance 210
         name-server no-update
     }
     duplex auto
     firewall {
         in {
             name WAN_LAN
         }
         local {
             name WAN_ROUTER
         }
     }
     speed auto
 }
 ethernet eth1 {
     address 192.168.2.1/24
     description LAN
     duplex auto
     speed auto
     vif 100 {
         firewall {
             in {
                 modify SOURCE_ROUTE
             }
         }
     }
     vif 200 {
         firewall {
             in {
                 modify SOURCE_ROUTE
             }
         }
     }
 }
 ethernet eth2 {
     duplex auto
     speed auto
 }
 loopback lo {
 }
 openvpn vtun0 {
     config-file /config/auth/us_midwest.ovpn
     description VPN_CLIENT
     disable
 }
 openvpn vtun1 {
     config-file /config/auth/server.ovpn
     description VPN_SERVER
     disable
 }
[edit]
How do I get this to work so the traffic is split like the example I showed? If I run this and the VPN interface is up, all traffic from all sources goes through the VPN. If it's down, all traffic goes through eth0 / WAN. No traffic shows on the VLAN interfaces either; it's all on eth1.
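The following is an added example, not code from the original post or from EdgeOS: a small Python model of how a `modify` rule set attached to an interface's `in` direction maps a packet's source address to a routing table, and how that table's `interface-route 0.0.0.0/0` then picks the egress interface. The tables, rule set and attachment points mirror the configuration in the post; the interface names `eth1.100` / `eth1.200` for `vif 100` / `vif 200`, the second sample host `192.168.2.77`, the assumption that the OpenVPN client owns the main default route while it is up, and the fall-through to the main table when a selected table has no usable route are all assumptions of this model.

```python
"""Toy model of EdgeOS source-address policy-based routing (constructed example)."""
import ipaddress
from dataclasses import dataclass


@dataclass
class ModifyRule:
    """One 'rule N { action modify ... }' entry of a modify rule set."""
    number: int
    source: str      # source { address ... }: a single host or a CIDR prefix
    table: int       # modify { table N }
    description: str = ""

    def matches(self, src_ip: str) -> bool:
        net = ipaddress.ip_network(self.source, strict=False)
        return ipaddress.ip_address(src_ip) in net


@dataclass
class Router:
    """Just enough of a router to trace where a packet leaves."""
    tables: dict          # table number -> egress interface of its 0.0.0.0/0 interface-route
    rule_sets: dict       # modify rule-set name -> list[ModifyRule]
    modify_in: dict       # ingress interface -> rule-set name attached as 'firewall in modify'
    interfaces_up: set    # interfaces currently up
    main_default: str     # egress interface of the main table's default route

    def classify(self, ingress: str, src_ip: str):
        """Table chosen by the modify rule set on `ingress`; None when no rule set is
        attached to that interface or no rule matches (first match wins, by rule number)."""
        name = self.modify_in.get(ingress)
        if name is None:
            return None
        for rule in sorted(self.rule_sets[name], key=lambda r: r.number):
            if rule.matches(src_ip):
                return rule.table
        return None

    def egress(self, ingress: str, src_ip: str) -> str:
        """Egress interface for a packet entering on `ingress` with source `src_ip`."""
        table = self.classify(ingress, src_ip)
        if table is not None and self.tables[table] in self.interfaces_up:
            return self.tables[table]
        # Model assumption: if the selected table has no usable route (its only
        # route points at a down interface), the lookup falls through to main.
        return self.main_default


def router_from_post(vpn_up: bool) -> Router:
    """Router built from the post's config. 'eth1.100'/'eth1.200' are assumed names
    for vif 100 / vif 200; the main default route is assumed to follow the VPN."""
    source_route = [
        ModifyRule(10, "192.168.2.53", 1, "server to eth0"),
        ModifyRule(20, "192.168.2.0/24", 2, "clients to vpn"),
    ]
    up = {"eth0", "eth1", "eth1.100", "eth1.200"} | ({"vtun0"} if vpn_up else set())
    return Router(
        tables={1: "eth0", 2: "vtun0"},
        rule_sets={"SOURCE_ROUTE": source_route},
        # The post attaches SOURCE_ROUTE only to the two VLAN sub-interfaces, not to eth1.
        modify_in={"eth1.100": "SOURCE_ROUTE", "eth1.200": "SOURCE_ROUTE"},
        interfaces_up=up,
        main_default="vtun0" if vpn_up else "eth0",
    )


def trace(vpn_up: bool, ingress: str) -> dict:
    """Egress interface per sample host; 192.168.2.77 is a constructed LAN client."""
    r = router_from_post(vpn_up)
    return {ip: r.egress(ingress, ip) for ip in ("192.168.2.53", "192.168.2.77")}


if __name__ == "__main__":
    for vpn_up in (True, False):
        for ingress in ("eth1", "eth1.100"):
            print(f"vpn_up={vpn_up:<5} ingress={ingress:<8} -> {trace(vpn_up, ingress)}")
```

Running the traces makes the dependency explicit: a modify rule set only classifies packets on the interfaces it is attached to, so in this model untagged traffic arriving on `eth1` is never marked and simply follows the main default route (the VPN when it is up, the WAN when it is down), while the same packets entering on a VLAN sub-interface are split between `eth0` and `vtun0` exactly as the two rules describe.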