Wireguard - Can only access router, not full LAN

[Ridante]

Hello all,

I've done plenty of searching around online and on the forums. I found one other instance that seemed to have a similar issue, but I'm not able to troubleshoot the same resolution they had: https://forum.opnsense.org/index.php?topic=32344.0

I followed this guide to set things up: https://docs.opnsense.org/manual/how-tos/wireguard-client.html

What I  have been doing is turning off wifi on my phone and connecting through my cellular network (for some reason, if I have wifi on, it doesn't look like it is going through the tunnel?). When I connect, I am able to access my router at 10.0.0.1, but nothing else. I've tried various forms of firewall rules, but I still can't seem to get anything else to resolve. As a note, I am only able to access the router using the IP, not the hostname, so DNS is not working.

Additional note: I'm running 24.1.1 with amd64 architecture.

Any thoughts? Any advice is greatly appreciated!

[Ridante]

Adding screenshot of my phone's wireguard config and the firewall log.

[Ridante]

Added a packet capture on the WG interface.

[Ridante]

Thanks to mete on IRC, I finally got this resolved.

I'm intending to learn about VLANing and initially set up the LAN network with a /16 so that I could get my IPs close to what I wanted before actually breaking them into their respective VLANs, with the expectation that I would later add new VLANs and interfaces and break the network into a /23. By having LAN on 10.0.0.0/16 and the WG config at 10.0.3.0/23, it was breaking routing. Changing the wireguard interface to 172.16.0.0/24 and restarting the wireguard service got it working.