Notices where this attachment appears
-
I would have liked to use ipsec. Because previously I was doing a site to site ipsec so all hosts connected via that subnet could get use of the vpn.
Anyway.. re-engineered the solution to use double NAT and wireguard PtP. Setting that up via Algo and OpenWRT was easy https://danrl.com/blog/2017/luci-proto-wireguard/ helped, and adding the new wireguard interface to the WAN zone on the openWRT firewall.