Hello. Currently I have two sites and a phone client: site A has a public IP, site B is behind CGNAT.
- Site A - Hex S - With public IP - LAN 10.0.0.0/24 - Interface Wireguard 3 - allowed addresses 192.168.88.0/24, 10.10.20.0/30
- Site B - Hap ax3 - Without public IP - LAN 192.168.88.0/24 - Interface Wireguard 3 - allowed addresses 10.0.0.0/24, 10.10.20.0/30
Site B (AX3) has its Endpoint set to the public IP of site A (Hex S).
Site A has its endpoint empty.
Both sites are connected together, see each other's LAN, and all devices can be reached.
Then I have a phone for remote management, where I can access the whole LAN and all devices on site A (Hex S).
Phone client - public wifi/LTE is connected to Site A (Hex S)
- Site A - HEX s - With public IP - Interface Wireguard 4 - allowed addresses 10.10.200.0/30
- Phone client - Without public IP - Interface Phone LAN - allowed addresses 0.0.0.0/0
My goal is reaching both sites' LANs (A and B) when I connect via phone, to manage both networks and all devices.
Basically I need router A (HEX s) as a middleman to also send LAN requests to router B (hap AX3).
I experimented with IP > Routes and more allowed addresses, but with no success.
So I stopped guessing and am seeking help here. I still think it must be something with routes, because otherwise everything works like it should.