This turns out to be the solution. Once I disabled the IPv6 address of the wan6 interface, the router became able to ping IPv6 addresses. It appears others have been affected by this issue with my ISP (Hyperoptic in the UK) - e.g. Opkg update fails due to IPV6 running and https://forum.netgate.com/topic/135917/ipv6-setup-with-hyperoptic-uk-isp/10
I was then able to get WireGuard working by pointing peers to the IPv6 address of the router's lan interface.
Thanks to everyone who responded.