WireGuard Interface as LAN Interface - NAT Traffic doesn't pass into
-
Hi,
My two pfSense instances are connected by the official WireGuard package on both sites.
Site-A is a vserver instance because a public network address is needed. At pfSense setup time here, only this one interface was available, and it was configured as the WAN interface. The subsequent WireGuard configuration established the second interface, intended as the LAN interface here.
Site-B is my home pfSense firewall setup, which knows all of my home networks.
All necessary routes and WireGuard networks are configured on both sites. The IPv4 traffic (IPv6 is disabled) is running in both directions via the WireGuard tunnel as assumed, not only ICMP but also "real traffic" using netcat. In these tests, netcat runs directly on pfSense on Site-A, and on Site-B it runs on a server in a specific network segment at home.
BUT the "simple" test (netcat running on some other internet server) of passing traffic that ingresses on Site-A via the WAN interface and is handled by a (logged) NAT forwarding rule destined for a server on Site-B doesn't work.
The pfSense syslog on Site-A shows the ingress traffic logged and passed on the WAN interface, but the Packet Capture here on Site-A already shows no ingress at the WireGuard interface, my LAN interface here. I would be very grateful for any assistance with what may be my misunderstanding.
-
-
solved at reference...