How to forward and wireguard connection inbound to NORD VPN OUTBOUND INTERFACE

[Westy69]

Hi All. Hope you can help me out.
I have set up my wire-guard and can connect in remotely to my network and can browse the internet while connected.
However when I do What is my IP in my phone browser when connected remotely. It comes up with my WAN DHCP address.

Is there any way I can configure my OPN SENSE router to do 2 things...
1. priority #1 out to the internet VIA my NORD vpn CONFIGURED INTERFACE (THAT ALL RUNS FINE AND I CAN BROWSE INTERNET ETC WITH THE NORD 116 ADDRESS POOL.

2. if the nord interface is state DOWN ... can I then route it out of my main internet WAN interface?

I know I have probably not explained myself well at all.... but hope you legends can help.
Cheers
Westy - NZ

[tiermutter]

For #1 you need a NAT outbound rule.
Set outbound mode to hybrid (should be already done) and create a rule setting wgX interface as source and nord VPN as interface.

For #2 what you want can be done with policy based routing (failover).
Create a gateway group with tier 1 nord VPN and tier 2 WAN, then in FW rules set gateway for "default allow" rule of the WG interface to the gateway group.

Have not tested this scenario, but sounds to me like it can be working

[Westy69]

hi Thanks for that.

Tried to set up a NAT rule but it would not work. Wireguard is still finding my WAN as outbound natural interface.

My Other Vlans use NORD VPN interface and applicable 116 address out.

not sure what to do to fix it.
but thanks for your tips.

[Westy69]

FIGURED IT OUT

added a Firewall rule in my Wire Guard interface