Messages - tinkerytinker

#1
I don't see why that shouldn't be possible. Probably a stupid question, but: should I do that on the router box or on the WireGuard server/box? I have never used tcpdump before. The WireGuard server is running DietPi, i.e. Linux, so tcpdump as a tool will not be a problem.
#2
Before switching to OPNsense I was running a different (Linux) router where I had a working setup to allow remote clients access to my LAN via WireGuard. WireGuard runs on a dedicated client/server connected to the LAN NIC but within its own VLAN. This setup works when not using OPNsense as router and firewall.

On the OPNsense I have (WAN) port forwarding active for the WireGuard port pointing to the WireGuard server's IP.
Rules allow access on this port from my main LAN to the WireGuard machine's VLAN. For testing I actually fully opened these two firewalls; it makes no difference.
I'm pretty sure the issue is related to a missing gateway configuration but I don't understand the logic of OPNsense ('s GUI).

Could anybody explain what I need to do exactly? The goal is to a) allow the remote client to access the WAN via the WireGuard VPN and b) allow the remote client access to the local clients/main LAN. Input much appreciated!