You want to look at policy routing.
Here’s the example I use to route all traffic from my laptop with IP Address of 192.168.0.120 out via vtun3 (OpenVPN Interface)
Note: You must ensure you do not have “source-validating strict” set otherwise this won’t work!
First the policy statement that says “All traffic from 192.168.0.120” must use routing table 10 for routing decisions.
tim@ferrari# show policy
route LAN-POLICY-BASED-ROUTING {
rule 10 {
source {
address 192.168.0.120/32
}
set {
table 10
}
}
}
Next setup routing-table 10. This basically defines a new routing table, and you can see I’ve set a static default route so that all traffic is routed out vtun3. You’d change yours to be wg4
tim@ferrari# show protocols static
table 10 {
interface-route 0.0.0.0/0 {
next-hop-interface vtun3 {
}
}
}
Finally the policy route must be applied to the interface the traffic is coming in on. eth1 is the default route for 192.168.0.120. This is where you apply the policy statement.
[edit interfaces ethernet eth1]
tim@ferrari# show
address 192.168.0.1/24
description "XXX Network"
duplex auto
firewall {
in {
name LAN-IN
}
}
mtu 9000
policy {
route LAN-POLICY-BASED-ROUTING
}
With this active, all traffic from 192.168.0.120 goes via vtun3 (except traffic to other devices on the LAN which of course uses arp/direct host-to-host), but all other LAN clients use the standard routing table. You can of course do trickier things, you can have only certain destination routes go into table 10, or ports, etc etc. It’s very flexible.