How to setup Wireguard with IPv6-PD?

Don't use ULAs. As @mikma said, most endpoint OSes don't consider a ULA valid for originating a connection to a GUA on the v6 Internet.

To NAT, you need to issue the LAN clients local IPs which look like GUAs but will never actually exist on the Internet, since trying to reach a site whose public IP is in the same subnet as your LAN IP will not route properly.

There is no officially reserved block of GUAs for this purpose. I have used the "documentation" block this way: 2001:db8:<16 random bits>::/48.

From this /48, statically assign one /64 to each road-warrior client, e.g. 2001:db8:<same 16 random bits>:<16-bit client serial number 0001, 0002, etc.>::/64. Install this as an allowed_ip for each client. route_allowed_ips is not needed on the server, since you're routing the entire /48 to the overall WireGuard interface. WireGuard will internally use the allowed_ip to send packets into the proper tunnel for each client.

Also allocate an LLA for each client (fe80::) and make it a /128 allowed_ip. The overall interface can be fe80::0/64.

Giving each client a full /64 allows them to randomly SLAAC their last 64 bits, as most OSes want to do for privacy. Of course, in this case you're going to NAT everything out to one IP anyway.

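As an added example (not code from the post or from any project), here is a small POSIX shell script that turns the scheme above into concrete addresses and config fragments: a fake /48 under 2001:db8::/32, one /64 per road warrior with the client serial in the fourth hextet, an LLA /128 per client, and the NAT66 rule that sends everything out as one address. Everything not stated in the post is an assumption: server WireGuard interface wg0, listen port 51820, WAN interface eth0, endpoint host vpn.example.net, and placeholder key strings. The server side is emitted as OpenWrt UCI, since the post's allowed_ips / route_allowed_ips terms are the OpenWrt option names; the client side is emitted as a wg-quick file; the NAT rule is the plain-Linux ip6tables form.

```shell
#!/bin/sh
# Added example, not part of the original post. Generates the addressing and
# config fragments for: fake /48 under 2001:db8::/32, one /64 per road warrior,
# one LLA /128 per client, NAT66 out of a single address.
# Assumptions (not from the post): server interface wg0, listen port 51820,
# WAN interface eth0, keys replaced by <PLACEHOLDER> strings.
set -eu

# 16 random bits (4 hex digits) that make this site's 2001:db8:XXXX::/48 unique
random_site16() {
    od -An -N2 -tx1 /dev/urandom | tr -d ' \n'
}

# The fake /48, carved out of the documentation block as the post does
site_prefix48() {            # $1 = site16 (4 hex digits)
    printf '2001:db8:%s::/48\n' "$1"
}

# One /64 per road warrior: the client serial number goes in the 4th hextet
client_prefix64() {          # $1 = site16, $2 = client serial (decimal)
    printf '2001:db8:%s:%04x::/64\n' "$1" "$2"
}

# Link-local /128 for the client, keyed on the same serial
client_lla128() {            # $1 = client serial (decimal)
    printf 'fe80::%x/128\n' "$1"
}

# Server side as OpenWrt UCI (/etc/config/network fragment): the whole /48 is
# routed to wg0 once; each peer's allowed_ips (its /64 plus its LLA) is what
# WireGuard uses to pick the tunnel, so route_allowed_ips stays off.
server_uci() {               # $1 = site16, $2.. = client serials
    s=$1; shift
    cat <<EOF
config interface 'wg0'
	option proto 'wireguard'
	option private_key '<SERVER_PRIVATE_KEY>'
	option listen_port '51820'
	list addresses 'fe80::/64'

config route6
	option interface 'wg0'
	option target '$(site_prefix48 "$s")'
EOF
    for serial in "$@"; do
        cat <<EOF

config wireguard_wg0
	option description 'client $(printf '%04x' "$serial")'
	option public_key '<CLIENT_$(printf '%04x' "$serial")_PUBLIC_KEY>'
	list allowed_ips '$(client_prefix64 "$s" "$serial")'
	list allowed_ips '$(client_lla128 "$serial")'
	option route_allowed_ips '0'
EOF
    done
}

# Client side as a wg-quick file: the client owns its whole /64 (so it can
# SLAAC / privacy-address inside it) and sends all v6 traffic into the tunnel.
client_conf() {              # $1 = site16, $2 = client serial, $3 = server host
    cat <<EOF
[Interface]
PrivateKey = <CLIENT_$(printf '%04x' "$2")_PRIVATE_KEY>
Address = $(client_lla128 "$2")
Address = $(printf '2001:db8:%s:%04x::1/64' "$1" "$2")

[Peer]
PublicKey = <SERVER_PUBLIC_KEY>
Endpoint = $3:51820
AllowedIPs = ::/0
PersistentKeepalive = 25
EOF
}

# NAT66: everything sourced from the fake /48 leaves eth0 as the server's one
# real address. Plain-Linux form; on OpenWrt the firewall zone does this instead.
nat66_rule() {               # $1 = site16
    printf 'ip6tables -t nat -A POSTROUTING -s %s -o eth0 -j MASQUERADE\n' \
        "$(site_prefix48 "$1")"
}

# Demo with fixed site bits so the output is reproducible (use random_site16
# for a real deployment).
site=1a2b
server_uci "$site" 1 2
echo
client_conf "$site" 1 vpn.example.net
echo
nat66_rule "$site"
```

Run it once with `site=$(random_site16)` to pick your 16 bits, record them, and keep reusing them: every client's /64 and the server's route6 entry must share the same third hextet or the /48 route no longer covers them.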