Hi everybody,
I have two subnets that I'm going to connect to each other via WireGuard using a VPS. Both of them have OpenWrt routers.
Now, only for host A of subnet Site_1, I want all, and only, its extranet traffic to reach the internet via the main router of subnet Site_2.
I drew this in the following picture (where the route is in orange):
Host A has a DHCP address obtained from Router@Site_1.
So I have to configure:
- Router@Site_1: WireGuard, firewall? and/or zone/routes on OpenWrt. This router has yet to be installed, so I have no config file to show you... by the way, it is a D7800 and will have a vanilla installation.
- VPS: WireGuard (almost done; for now we can skip this step, as it is not OpenWrt related)
- Router_1@Site_2: WireGuard and firewall/routes on OpenWrt: here I create a zone for the WireGuard interface, configured as in the figure in LuCI;
- Router_2@Site_2: this is the main router of subnet Site_2; I don't think I have to do anything here.
Considering all of this, the only thing I am missing is how to force all non-local traffic from host A to go through the WireGuard tunnel of its router, Router@Site_1. I'm trying to look at the docs or similar threads, but the uci syntax is not clear to me.
I think I have to do two configs (and, by analogy with Router_1@Site_2, I prefer to):
- create a "rule/config" to intercept packets from host A to the internet;
- create on Router@Site_1 a zone for the WireGuard interface, to forward traffic through the WAN.
Is my analysis right? Could you give me some help? This is the most ambitious config I've ever tried.
Thanks in advance!
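The two pieces the post asks for on Router@Site_1 (a rule that catches host A's non-local packets, plus a firewall zone for the tunnel) are both done in UCI: a `route` section that puts a default route via `wg0` into a separate routing table, `rule` sections that send only host A's source address to that table, and a `wg` zone with a `lan -> wg` forwarding. The script below is an added example, not the poster's configuration or anything from the OpenWrt project; every address, name and key in it is an assumption (Site_1 LAN 192.168.1.0/24, host A at 192.168.1.10 with a static DHCP lease, tunnel 10.0.0.0/24 with Router@Site_1 = 10.0.0.2 and the VPS = 10.0.0.1, endpoint `vps.example.invalid`). It emits the settings as `uci batch` commands so they can be reviewed with `show` before `apply`.

```sh
#!/bin/sh
# Added example (not from the original post): UCI configuration for Router@Site_1
# that sends host A's non-local traffic into the WireGuard tunnel while the rest
# of the LAN, and the router itself, keep using the WAN.
# Assumed values (change them): Site_1 LAN 192.168.1.0/24, host A 192.168.1.10,
# tunnel 10.0.0.0/24 with Router@Site_1 = 10.0.0.2 and the VPS = 10.0.0.1.
# Usage on the router:  sh site1_wg_policy.sh show | apply | check

SITE1_WG_PRIVKEY="${SITE1_WG_PRIVKEY:-REPLACE_WITH_ROUTER_PRIVATE_KEY}"
VPS_WG_PUBKEY="${VPS_WG_PUBKEY:-REPLACE_WITH_VPS_PUBLIC_KEY}"
HOST_A='192.168.1.10/32'
LAN_NET='192.168.1.0/24'
VPN_TABLE='100'

# Emit the configuration as 'uci batch' commands so it can be reviewed before it
# is applied (and checked without a router).
gen_site1_uci() {
    # WireGuard interface plus the VPS peer. allowed_ips 0.0.0.0/0 is required so
    # that return packets from any internet address pass cryptokey routing, but
    # route_allowed_ips MUST stay 0: with 1, netifd installs a default route via
    # wg0 and the whole LAN (and the router) would end up in the tunnel.
    cat <<EOF
set network.wg0=interface
set network.wg0.proto='wireguard'
set network.wg0.private_key='${SITE1_WG_PRIVKEY}'
add_list network.wg0.addresses='10.0.0.2/24'
set network.wg0_vps=wireguard_wg0
set network.wg0_vps.public_key='${VPS_WG_PUBKEY}'
set network.wg0_vps.endpoint_host='vps.example.invalid'
set network.wg0_vps.endpoint_port='51820'
set network.wg0_vps.persistent_keepalive='25'
add_list network.wg0_vps.allowed_ips='0.0.0.0/0'
set network.wg0_vps.route_allowed_ips='0'
EOF
    # Policy routing: table 100 holds only a default route via wg0. Rule 100 keeps
    # host A's LAN-bound packets on the main table, rule 110 sends everything else
    # from host A to table 100, and rule 120 is the fail-closed guard: if wg0 is
    # down its route disappears from table 100, the lookup falls through, and the
    # packets are rejected instead of leaking out of the WAN.
    cat <<EOF
set network.hostA_default=route
set network.hostA_default.interface='wg0'
set network.hostA_default.target='0.0.0.0/0'
set network.hostA_default.table='${VPN_TABLE}'
set network.hostA_lan=rule
set network.hostA_lan.src='${HOST_A}'
set network.hostA_lan.dest='${LAN_NET}'
set network.hostA_lan.lookup='main'
set network.hostA_lan.priority='100'
set network.hostA_vpn=rule
set network.hostA_vpn.src='${HOST_A}'
set network.hostA_vpn.lookup='${VPN_TABLE}'
set network.hostA_vpn.priority='110'
set network.hostA_block=rule
set network.hostA_block.src='${HOST_A}'
set network.hostA_block.action='unreachable'
set network.hostA_block.priority='120'
EOF
    # Firewall: a zone for the tunnel and a one-way lan -> wg forwarding. No
    # masquerade here: the tunnel end at Site_2 must route 192.168.1.0/24 back.
    cat <<EOF
set firewall.wg=zone
set firewall.wg.name='wg'
add_list firewall.wg.network='wg0'
set firewall.wg.input='REJECT'
set firewall.wg.output='ACCEPT'
set firewall.wg.forward='REJECT'
set firewall.lan_wg=forwarding
set firewall.lan_wg.src='lan'
set firewall.lan_wg.dest='wg'
EOF
}

apply_site1_uci() {
    gen_site1_uci | uci batch
    uci commit network
    uci commit firewall
    /etc/init.d/network restart
    /etc/init.d/firewall restart
}

# Expected after apply: "from 192.168.1.10 lookup 100" in the rule list and
# "default dev wg0" in table 100; handshake/transfer counters moving in wg show.
check_site1_policy() {
    ip rule show
    ip route show table "$VPN_TABLE"
    wg show wg0
}

case "${1:-}" in
    show)  gen_site1_uci ;;
    apply) apply_site1_uci ;;
    check) check_site1_policy ;;
esac
```

Two things this does not cover, stated as assumptions about the other ends: the VPS must list 192.168.1.0/24 in its AllowedIPs for the Router@Site_1 peer and forward it towards Site_2, and Router_1@Site_2 needs a `wg -> lan` forwarding plus either a static route for 192.168.1.0/24 on Router_2@Site_2 or masquerading on Router_1@Site_2's lan zone, otherwise the replies never find their way back to host A. From host A, `traceroute 1.1.1.1` should show 10.0.0.x hops first; from any other LAN host it should go straight out of the WAN.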