Wireguard S2S + Road warrior

[mahagen]

Hi All,

I have two sites with OPNSense latest business edition. Sites A and B are connected via a wireguard tunnel. This tunnel is running fine from LAN, I can reach A from B and visa versa 

Now the issue is, both sites have wireguard road warrior setup, they are working and can access LAN and even tunnel all networking when using 0.0.0.0/0. But I cannot reach the other site's LAN ...

I've used the site2site and road warrior setup from the official docs, IP setup is quite similar to the examples.
https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html
https://docs.opnsense.org/manual/how-tos/wireguard-client.html

I've spend several days and tried all kind of different settings (with/without interfaces, extra NAT) but for the life of me cannot get it to work..

What also puzzles me is that one of the sites has got a legacy IPSec s2s connection and this is accessible from the road warrior 

Obviously I'm missing something but what?? anyone can guide me into the right direction?

Thanks in advance....

[mahagen]

Allright, got this working to one side by adding a gateway, adding rules directing to this gateway and some NAT. All based on https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html and some info from this forum.

Surprises me there's no how-to since this is a very standard setup.