I just fought my way through…
The ‘road warrior’ section does not talk about full tunnel… ie using your vyos router as the outbound…
no mention of something like:
set nat source rule 110 outbound-interface 'eth1'
set nat source rule 110 source address '192.0.2.240/28'
set nat source rule 110 translation address 'masquerade'
and same with service dns:
set service dns forwarding allow-from '192.0.2.240/28'
set service dns forwarding listen-address '192.0.2.254'
While I could generate this afterwards:
generate wireguard client-config <name> interface <interface> server <ip|fqdn> address <client-ip>
the config never seemed to attach to the server…
but I could only use that command after I commit;save the config… but I could only do that after I had a working client saved…
I’ll keep re-reading the docs to see if there is someway to make them more streamlined like the quick start…
Thanks for reading…