pfSense: Site to Multi-Site VPN - routing problem?

I’m setting up a routing lab to learn some stuff about Wireguard for a future project. I’m following this guide: Virtual Private Networks — WireGuard — WireGuard Routing | pfSense Documentation

IP differences from guide:
Firewall 1 WAN:
Firewall 2 WAN:
Firewall 3 WAN:

Firewall 1 LAN:
Firewall 1 LAN:
Firewall 1 LAN:

HQ Tunnel Address:
Remote A:
Remote B:

Note: Using the guide has as the subnet but when doing this, on remote side B, you can’t set it up with because 3 is the broadcast address.

After setting up the lab exactly as the guide example with the exception of the above IP info, I get these results:

Can ping from each client site PC on their respenctive LANs to the HQ firewall:
Can ping from each client site PC to each other and to each firewall’s LAN IP and the tunnel IPs.
Can not ping from PC on LAN of HQ to either client site firewall
From HQ firewall, can ping,, or when using VPN address as source but not LAN
From HQ firewall, if I select source as VPN, can ping or
From HQ firewall, if I select source as LAN, can’t ping or
From HQ connected laptop on LAN, can’t ping any of these:,,,,, or

This would seem to be a routing issue as far as I can tell but I’m not sure how to correct it. Any ideas?

You have to make sure you are setting the proper rules on the correct interfaces and make sure that you have each remote subnet in your wiregard config on each firewall.

So apparently the guide is a bit incomplete. I added the local subnet of the HQ to each of the peers and this resolved my issue. Thanks for pointing me in the right direction!