I have a working connection from an OpenWrt-box (called "A") to a Mullvad wireguard server AND now would like to have a few devices (phones, laptop) connect to this OpenWrt box ("A") via a wireguard vpn to access its LAN ressources AND to have their traffic sent via the upstream Mullvad tunnel.
So the "A"-box needs to be a Wireguard client (to Mullvad) and a wireguard server (to the mobile devices).
My problem is how to setup the firewall and routing between the two wireguard interfaces? How do I make the mobile vpn clients connecting to "A" not use WAN but the Mullvad interface for internet access?
I found https://github.com/stangri/openwrt_packages/blob/master/vpn-policy-routing/files/README.md#local-wireguard-server--wireguard-client-scenario-1 which might point me to a solution, but does this work without an extra plugin?
In Simultaneous Wireguard Server and Mullvad Wireguard Client Setup? as far as I understand there was finally another solution by using a separate vpn server...
Thanks for any hints.