i have to add Masquerading to the VPN firewall zone.
Now all works fine and I have access to all clients from all wireguard tunnel peers.
I use private vlan 172.x for wiregard and I already had 10.x and 192.168.x private vlans for my reals clients for the remotes sites.
1 Like