
Either your wireguard endpoint should be the router / gateway for the local traffic, and ip_forwarding is enabled on that gateway, OR you have to specify routes in iptables for the different networks you want to reach.

ip route add <subnet> dev <device name> via <gateway or router>

Like this: ip route add 192.168.1.1/24 dev wg0 via 192.168.1.1 (which is the router, usually).

This really helped me https://unix.stackexchange.com/questions/666072/how-to-set-u...




Hey, thanks a lot! I started reading that and then I bought a router that runs OPNsense... I'm just going to run the whole network through the mullvad VPN. Setting up dynamic DNS and poking a little hole in OPNsense so I can connect to my local network wireguard... that's more of my speed.


Actually I got into the OPNsense documentation tonight, I think what I'm looking to do will be even easier than I imagined with it acting both as my local server and routing traffic to the mullvad interface... e.g. with my current local wireguard server retired. This networking stuff is crazy hard, I'd rather have a proper solution with good documentation than what I was trying to do on a machine that has its own complicated local networks for libvirt and other stuff that I just kind of use without fully understanding.



