Hi everyone,
I’m seeking some assistance with my current home network setup, which includes a WireGuard VPN configuration. I’ve attached a diagram of my network topology for reference.
The blue line and green line work like a charm.
Router (RB4011 running 7.15.1): Connected to multiple subnets
10.0.0.2/30 INTERCO ISP BOX
192.168.0.1/24 LAN2
172.16.0.1/24 LAN1
192.168.100.0/24 WireGuard VPN Server
PUB IP /30 WireGuard VPN Client
NATing & MASQUERADE: Applied at multiple points for SRC/DST traffic
Objective:
I need to verify if the red line paths in my diagram can function correctly on RB4011 7.15.1 and, if so, understand how to implement this setup. The red lines represent traffic routes that I’d like to establish:
RoadWarrior WireGuard Dynamic IP Client (anywhere on the internet) → Public IP (WireGuard Server) → WireGuard VPN Server → LAN1 Networks (172.16.0.0/24 and 192.168.0.0/24) & go to Internet through WireGuard VPN Client
LAN2 Networks (192.168.0.0/24) → WireGuard VPN Client → NATing (SRC/DST/MASQ) → WireGuard Server → Internet
LAN1 Networks (172.16.0.0/24) → ISP Box → NATing (SRC/DST/MASQ) → Internet
Questions:
Feasibility: Can the traffic flow as shown by the red lines function as intended within this setup?
Configuration: What steps and configurations are necessary on the RB4011 router, WireGuard VPN server, and clients to ensure proper routing and NAT handling? Is it necessary to use NATing (MASQ) at the WireGuard VPN Server interface level?
Potential Issues: Are there any potential issues or considerations I should be aware of, especially regarding NAT traversal, firewall rules, or route handling?
Additional Information:
My goal is to allow remote clients to access LAN1 and LAN2 networks securely via the WireGuard VPN while also ensuring that remote clients can access the internet through the WireGuard VPN Server Public IP.
I appreciate any guidance or suggestions from the community to help me get this configuration up and running.
Thank you!
