I want to access the devices on my local network, I'm interested specially in the CCTV camera and the Desktop via VNC.
Unfortunately, I use a 4G modem at home, so no public IP, and no chance, as I already asked.
Actually, I have a VPS with IP public and an Wireguard server, instead on my local network I have a router (GL.inet MT300V) with wireguard client and the connection client server work correctly, also with the other device in local I can surf with the IP PUBLIC assigned to the VPS.
My problem is to connect at IP PUBLIC xxx.xxx.xxx.xxx:80 to call internal IP like 192.168.8.15:80.
it should work fine to run two instances of wireguard on the VPS. one would be for your home router and the other for your laptop. you will need to configure it so all the IP address ranges are allowed, and configure the VPS to allow forwarding between the wg interfaces... but otherwise it should work fine. I do this all the time.
edit: there are wireguard programs for Android, Linux, windows, macos, iOS... so you can run it on whatever your client is
I can't install the clien in all other device, but i want to know how I can "ou will need to configure it so all the IP address ranges are allowed, and configure the VPS to allow forwarding between the wg interfaces...", can you exlpaine it better?
Right, but you don't necessarily have to have wireguard on every client machine. For example you can use a travel router remotely and then allow all your client machines to connect to this travel router.
I don't know about wireguard exactly, but you can also use OpenVPN-server on VPS, and clients. After that you should configure LAN behind client, RoutedLAN.
I use only Wireguard, please see the updated image. After last info I can ping the router on 192.168.8.3 but I Can't ping other device in lan like 192.168.8.15. Thanks in advance.
I can ping the router on 192.168.8.1 but not a device on 192.168.8.175, please help me to understand why the ping to an ip without device reply with "destination host unreacheble" instead the ping to device no reply.
Yes, however I suggest you to assign 'wg0' to new zone. In my config, as @lleachii has mentioned, there is no word after zone, or forwarding. 'wg0' is treated in firewall as interface, not device, see /etc/config/network