Accessing omada EAP web server over wireguard

I have installed/configured wireguard on my openwrt home server and android phone. I usually manage my Tplink Omada EAP over its web-server access. It isn't responding when I access it with wg VPN. Looks like EAP doesn't want to respond to 10.x.x.x address my phone. tcpdump shows packets going from phone ip 10.x.x.x to EAP ip 192.168.x.x but don't see anything from EAP in response. Should I setup my openwrt router to masquerade on wg0 interface?

It’s hard to answer that question without understanding your network topology and configuration.

Masquerading may be a solution, as could static routes. Depends on the details.

Can you provide a basic diagram of your network?

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/firewall
1 Like

sorry for the delay. I have openwrt running on a 2 port x86 (WAN port and LAN port). It also runs wireguard and Tp-Link 615 AP is attached to the LAN port on the x86 openwrt router. Since other services work from other LAN devices (via wifi using Tp-link AP) and wireshark on openwrt router sees packets from it (WG IP address) to Tp-link AP but nothing from the AP. I assumed that the Tp-link AP has a firewall to not respond for any IP other than LAN ips.