Wireguard site-to-site setup only works on default WAN IP not VIP

[akron]

Can you post a screenshot of this portforward please?

this is how I have it:

Assuming you already have Site 1 (Client) LAN + Internet  going over Site 2 (Server) Public IP and you want to NAT something from that public IP back to the client LAN

- Port forward rule
- WAN rule automatically created by Port forward rule
- Then Outbound NAT rule on server side to remote LAN Alias/IP on WG interface

not sure if this is the correct way to do NAT over the tunnel but is working sharp

[mimugmail]

Ah, now I got you. The unsupported thing is when you want to add a port forward on the Tunnel Address to internal