@abstergo do a search in the forum, please. You'll see the topic came up a few times it's not something that can easily be done. Seems setting up two separate tunnels and use OSPF is one option that doesn't involve scripting.

@flat4 Not sure -- but it's really strange how the routing / connection persists after initiating on my cellular network then "transistioning" to the guest wifi

@dennypage Okay thanks.

@michmoor Thanks but we have trashed it and will do OpenVPN even though it is slower, but more reliable and easier to troubleshoot.

To anyone having the same problem follow this guide https://blog.matrixpost.net/set-up-wireguard-site-to-site-vpn-on-pfsense/ or in short, do not set an upstream gateway and set static routes as allowed ips.

Same here. Does not seem to do any harm but it just feels not right, having so much errors on an interface and not knowing why...

Thanks for the nice drawing. I will try again and see if it will work.

@The-Party-of-Hell-No Hi, Thanks for your reply. Yes I've set the tunnel up with all NAT rules in place, following guides, to the point of routing all traffic via the tunnel. Just wasn't sure of the next steps and if a firewall rule would work. I'll give that a go and see if it works as I'd like.

@Bob-Dig said in WireGuard and ProtonVPN: Personally I wouldn't change my DNS-Servers to Proton but change the DNS-Server for some hosts only to always use external DNS, which will then go through the VPN for those hosts. Could you please, show example of firewall rule to pass DNS request via VPN fore some hosts?

i have to setup mss to 1280.