WireGuard in pfSense

Followed the vid @ Tutorial: pfsense Wireguard For Remote Access - YouTube

Got WireGuard going on pfSense and connecting via an Android handset on 4G.

However, subnets of multiple vLANs are added at the PEER’s config, which allows the PEER to get to each vLAN.

Yet, if the firewall rules allow ALL traffic between vLAN1 and vLAN2 (including the WireGuard & WAN rules allowing all traffic) and you only specify vLAN1 (with or without the WireGuard subnet) at the PEER’s config, you can’t get traffic from the PEER device to vLAN2.

Is this expected?

You need each subnet listed in the peer.

… Sooo, for users to connect to the video server on the server vLAN, they have to VPN onto the server VLAN…

Each peer that is connecting needs to have each of the subnets that you want them to access.

You don’t find it … strange … as to have a user connecting to a vLAN dedicated for servers, only for that user to be able to access a particular server’s services? …
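An added example, not part of the original thread: a small model of the client-side decision the answers describe, where the peer only sends a packet into the tunnel if its destination falls inside an `AllowedIPs` entry, so pfSense never sees vLAN2 traffic from a peer that lists only vLAN1. All subnets, addresses, the endpoint name and the key placeholders are constructed assumptions, and the third case goes slightly beyond the thread by listing a single server as a /32 instead of the whole server vLAN.

```python
import ipaddress

# Constructed sample addressing (assumptions, not taken from the thread):
#   tunnel 10.6.0.0/24, vLAN1 192.168.10.0/24, vLAN2 (servers) 192.168.20.0/24
CLIENT_CONF = """\
[Interface]
PrivateKey = <client-private-key>
Address = 10.6.0.2/32

[Peer]
PublicKey = <pfsense-public-key>
Endpoint = vpn.example.net:51820
AllowedIPs = {allowed}
"""

def allowed_ips(conf_text):
    """Return the networks listed on AllowedIPs lines of a wg-quick style config."""
    nets = []
    for line in conf_text.splitlines():
        key, _, value = line.partition("=")
        if key.strip().lower() == "allowedips":
            nets += [ipaddress.ip_network(v.strip(), strict=False)
                     for v in value.split(",") if v.strip()]
    return nets

def enters_tunnel(conf_text, destination):
    """True if the client would route a packet for `destination` into the tunnel."""
    dst = ipaddress.ip_address(destination)
    return any(dst in net for net in allowed_ips(conf_text))

VLAN1_ONLY = CLIENT_CONF.format(allowed="10.6.0.0/24, 192.168.10.0/24")
BOTH_VLANS = CLIENT_CONF.format(
    allowed="10.6.0.0/24, 192.168.10.0/24, 192.168.20.0/24")
ONE_SERVER = CLIENT_CONF.format(
    allowed="10.6.0.0/24, 192.168.10.0/24, 192.168.20.15/32")

VIDEO_SERVER = "192.168.20.15"   # hypothetical video server on vLAN2
OTHER_SERVER = "192.168.20.30"   # hypothetical second host on vLAN2

def report():
    """Map each config to (video server reachable, other server reachable)."""
    configs = {"vlan1_only": VLAN1_ONLY, "both_vlans": BOTH_VLANS,
               "one_server": ONE_SERVER}
    return {name: (enters_tunnel(conf, VIDEO_SERVER),
                   enters_tunnel(conf, OTHER_SERVER))
            for name, conf in configs.items()}

if __name__ == "__main__":
    for name, (video, other) in report().items():
        print(f"{name:11} video_server={video} other_server={other}")
```

Because `AllowedIPs` on the peer is edited on the user's device, it only selects what gets routed into the tunnel; what a VPN user may actually reach on the server vLAN is still decided by the pfSense firewall rules on the WireGuard interface.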