Wireguard tunnel as internet gateway for specific interface

I was wondering if anyone has an idea how to accomplish the following task.
0. Site A and Site B both have fiber connections and Pfsense boxes

  1. Site A is linked to Site B via a site-to-site WG tunnel (done)
  2. Site B has 3 physical interfaces (call it LAN1 and LAN2 and WAN)
  3. I would like for LAN1 internet traffic to exit the WAN interface, but for LAN2 internet traffic to traverse the WG tunnel, and leave via the WAN interface at Site A

At a different site I was able to make a tunnel and pass ALL traffic via the WG tunnel so all internet traffic appeared to be coming from Site A, but I can’t figure out how to do this on a per-interface basis.

Would appreciate any insights. Thanks in advance.

It’s not done via interface, it’s done per network via policy routing outbound NAT rules. They have some examples in the documentation of how to do it with OpenVPN, should work much the same for Wiregurad.

Dear Tom,

Really appreciate your input. That absolutely did the trick! It’s pretty incredible that you find the time not only to create the educational videos, but also to personally answer a question on the forum!

Thank you so much.

1 Like