OPNsense Forum

English Forums => 24.7, 24.10 Legacy Series => Topic started by: jfenech on August 12, 2024, 08:43:14 AM

Title: Multiple Wireguard connections to Nordvpn
Post by: jfenech on August 12, 2024, 08:43:14 AM
I have been banging my head against this one for a few weeks. I am setting up 3 WireGuard connections to NordVPN. Two of them will be used as a failover gateway for VLAN 200 (this one works), and the 3rd connection will be used as the sole gateway for VLAN 100.

I have set up the connections, and everything appears to be fine. The failover connection works, but the third connection refuses to route traffic, even though the gateway appears to be up. My hunch is that it has something to do with the tunnel address / gateway configuration.

I have set up 3 peers, as per the screenshot, using the information I obtained from my Keychain Access as per this: https://www.reddit.com/r/WireGuard/comments/xqz102/extract_nordvpn_wireguard_config_with_macos_no/

I have set up 1 instance per peer, and set up the tunnel address and gateway as per the screenshots.

I have set up an interface and a gateway for each instance. All gateways appear to be up, and the MT gateways both work and speed is very very good (I am getting > 800Mb/s from a 1Gb/s connection, with minimal CPU usage, unlike OpenVPN).

The US gateway simply refused to route any traffic out (from either VLAN 100 or VLAN 200) even though it appears online. The RTT also appears to make sense. An OpenVPN connection used as gateway works fine.

Any ideas would be greatly appreciated.



Title: Re: Multiple Wireguard connections to Nordvpn
Post by: jfenech on August 12, 2024, 08:44:47 AM
Just adding more screenshots of the config for context.

Title: Re: Multiple Wireguard connections to Nordvpn
Post by: jfenech on August 12, 2024, 07:13:48 PM
Answering my own question. I was missing a NAT rule allowing traffic to the WG gateway. Firewall -> NAT -> Outbound.

Interface = The WG Interface

Translation / Target = Interface Address
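
A way to check for the condition described in the last post (a WireGuard gateway that is up but has no outbound NAT rule), added here as an example and not part of the original thread. It reads the NAT ruleset as printed by `pfctl -s nat`; the interface names wg0/wg1/wg2 and igb0, the subnets and the sample ruleset are assumptions constructed for illustration.

```shell
#!/bin/sh
# Report WireGuard interfaces that have no outbound NAT rule in a pf NAT ruleset.
# The ruleset text is what `pfctl -s nat` prints on the firewall.

# Constructed sample (not from the thread): wg0 and wg1 have outbound NAT,
# wg2 only has a port forward, so traffic leaving via wg2 is not translated.
SAMPLE_NAT_RULES='no nat proto carp all
nat on igb0 inet from 192.168.200.0/24 to any -> (igb0:0) port 1024:65535
nat on wg0 inet from 192.168.200.0/24 to any -> (wg0:0) port 1024:65535
nat log on wg1 inet from 192.168.200.0/24 to any -> (wg1:0) port 1024:65535
rdr on wg2 inet proto tcp from any to any port = 8080 -> 192.168.100.10'

# missing_nat RULES IFACE...
# Prints each IFACE for which RULES contains no "nat ... on IFACE" rule.
missing_nat() {
    rules=$1
    shift
    for ifname in "$@"; do
        # Only lines starting with "nat" count; "no nat" exemptions and
        # rdr (port forward) rules do not translate outbound traffic.
        # Scan for "on <iface>" so options such as "log" are tolerated.
        if ! printf '%s\n' "$rules" | awk -v i="$ifname" '
                $1 == "nat" {
                    for (k = 2; k < NF; k++)
                        if ($k == "on" && $(k + 1) == i) found = 1
                }
                END { exit found ? 0 : 1 }'; then
            printf '%s\n' "$ifname"
        fi
    done
}

# On the firewall itself: missing_nat "$(pfctl -s nat)" wg0 wg1 wg2
missing_nat "$SAMPLE_NAT_RULES" wg0 wg1 wg2
```

An interface listed in the output needs a rule under Firewall -> NAT -> Outbound, as described in the post above.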