So, I followed the guide here:
I now have a persistent connection that all client traffic flows through my Wireguard interface to my AWS Wireguard server.
So, now I need to discriminate traffic. Basically, I want my work laptop(192.168.1.197) to flow over the Wireguard connection. But I want my son's xbox(192.168.1.200) to flow over the unencrypted connection.
I suspect I'll need to do something with routing tables and rules, but I'm a little over my head here in terms of devops. I appreciate the expertise and time.