I had to do a hard reset on site 1 this week after I lost internet access, turned out to be a cable modem / ISP issue where I was getting a 192.168.100.1 address for my WAN which kept me from getting into the hAP.
site 1 WAN 72.xxx.xxx.xxx
/ip/address> pr
# ADDRESS NETWORK INTERFACE
1 192.168.100.1/24 192.168.100.0 bridge
2 10.10.10.1/24 10.10.10.0 GUEST BRIDGE
3 D 72.xxx.xxx.xxx 72.xxx.xxx.0 ether1 WAN
4 10.0.0.1/30 10.0.0.0 wireguard1
/ip/route> pr
# DST-ADDRESS GATEWAY DISTANCE
DAd 0.0.0.0/0 72.xxx.xxx.1 1
DAc 10.0.0.0/30 wireguard1 0
DAc 10.10.10.0/24 GUEST BRIDGE 0
DAc 72.xxx.xxx.xxx ether1 WAN 0
DAc 192.168.100.0/24 bridge 0
0 As 192.168.200.0/24 10.0.0.2 1
/interface/wireguard/peers> pr
# INTERFACE PUBLIC-KEY ENDPOINT-ADDRESS ENDPOINT-PORT ALLOWED-ADDRESS
0 wireguard1 from site 2 50.xxx.xxx.xxx 0 10.0.0.0/30
192.168.200.0/24
site 2 WAN 50.xxx.xxx.xxx
2 192.168.200.10/24 192.168.200.0 bridge
3 10.0.0.2/24 10.0.0.0 wireguard1
4 10.10.10.1/24 10.10.10.0 GUEST BRIDGE
5 D 50.xxx.xxx.xxx 50.xxx.xxx.0 ether1 WAN
/ip/route> pr
# DST-ADDRESS GATEWAY DISTANCE
DAd 0.0.0.0/0 50.xxx.xxx.1 1
DAc 10.0.0.0/24 wireguard1 0
DAc 10.10.10.0/24 GUEST BRIDGE 0
DAc 50.xxx.xxx.0/21 ether1 WAN 0
0 As 192.168.100.0/24 10.0.0.1 1
# INTERFACE PUBLIC-KEY ENDPOINT-ADDRESS ENDPOINT-PORT ALLOWED-ADDRESS
0 wireguard1 from site 1 72.xxx.xxx.xxx 13231 10.0.0.0/30
192.168.100.0/24
I got this setup from
https://www.youtube.com/watch?v=lS4zeMACT3w
Even though winbox shows my wireguard interface as running and a link up time with not down time I can't ping 10.10.10.x from either side.
The 10.10.10.0 range is for the guest network on the AP.