Router as client to existing network as well as VPN gateway


I am new to OpenWrt and have flashed my GL-MT300N-V2 (Mango) now with OpenWrt 23.05.0.

My goal is to setup the following configuration but I am not sure which functionality I need as well as how to configure it.

In my network (network A) I have a server that hosts several services via docker and to which I have access from my PC as well as smartphone if I connect to the VPN internet router with builtin wireguard server.

However, I thought about also giving my family access to my server. Because they use the internet router from their internet provider which doesn’t support many features and to make the setup easier I thought that I use the GL-MT300N-V2 with flashed OpenWrt (in the image called VPN client router B) as a client to network B which also acts as a kind of proxy or gateway to access the server via wireguard.

So the VPN client router B gets the IP address from network B as well as IP from network A via wireguard.
When then for example client B1 wants to access my nextcloud instance on my server ( they enter The VPN client router B then forwards the request to and sends the response back to client B1 (

So I don’t want to connect multiple network segments, I just want the GL-MT300N-V2 to connect via wireguard to the VPN internet router and forwards every request on its IP address to the server. Ideally except port 80 for the OpenWRT webpage in case I need to reconfigure it in the future. So it more or less mimics the remote server via a VPN connection.

I am not sure if I can set a static route in the internet router B because it has very limited functionality but will have a look next time when I have access to it. However, maybe it also works without it, therefore I haven't mentioned it in the picture.

Also I came across nginx, caddy as well as openwrt-policy-based-routing and IP forwarding with iptables rules but I am not sure how the exact functionality I seek is called and which tool provides it. So I just called it "some magic software" in the picture.

Instead of using Cloudflare or Tailscale I thought maybe this could be used instead. Also I wouldn't need to exchange the internet router B or cascade an additional router behind it or configure wireguard on all relevant clients in network B.

What are your thoughts on this and can this be easily achieved with an OpenWrt-plugin or configuration?

Thanks in advance

You can do that easily with port forwarding on the OpenWrt.
You need to configure 2 things, first the DNAT (or port forward) to change the destination IP and port, and second the SNAT (or NAT rules) to change the source IP in case the other VPN router is not aware of the subnets of the other networks.