Sure provide a network diagram showing the devices in play,
Which device is the listening device for the connection.
Where is the FTP server located etc....
Provide config for the MT devices.
A basic example is provided..........
FTP is like any other service so nothing overly special. Create the tunnel properly using wireguard parameters.
Then ensure the firewall rules match needs/intention and then ensure routing exists for the traffic to move.
More detail here:
viewtopic.php?t=182340
++++++++++++++++++++++++++++++++++
Ex: MT Router WANIP is x.y.w.z with lan subnet of 192.168.5.0/24 and FTP server at 192.168.5.25/32
Ex. MT other Device with lan subnet of 192.168.10.0/24
Ex IOS device
Main MT router
wireguard interface name=ftpwireguard
listening port=15555
PUBLIC Key for all peers................
ip address=10.10.10.1/24 interface=ftpwireguard
+++++++++++++++++++
peer1 settings interface name=ftpwireguard (pulldown menu), Allowed IPs= 10.10.10.2/32.192.168.10.0/24 public key=FROM other MT device
peer2 settings interface name=ftpwireguard (pulldown menu), Allowed IPs=10.10.10.3.32 public key= from IOS device
OTHER MT DEVICE (peer1)
wireguard interface name=wireguard1
Public Key ------ TO GIVE TO MT ROUTER for peer settings.
ip address=10.10.10.2/24 interface=wireguard1
Peer Settings
wg name, pull down choice of wireguard1
Public Key -- From MT router.
Endpoint=x.y.w.z (or dyndns url)
Endpoint port=15555
Allowed address=10.10.10.0/24, 192.168.5.0/24
Persistent keep alive=25 secs
IOS DEVICE (peer2)
wireguard name = ioswireguard2
public key --> From MT Router
Address=10.10.10.3/32
DNS Server: 10.10.10.1
Peer Settings
Public Key TO GIVE TO MT ROUTER
Endpoint=x.y.w.z (or dyndns url)
Endpoint port=15555
Allowed address=10.10.10.0/24, 192.168.5.0/24
Persistent keep alive=25 secs
+++++++++++++++++++++++++++++++++++++++++++++++++
Firewall rules,
allow traffic exiting the tunnel into a router locally from remote users is allowed to go where it needs to go.
allow traffic entering the tunnel originating from local users...... is allowed to do so
Routing rules
ensure traffic originating on a device has a path/route to enter the tunnel
ensure remote traffic has a return path/route back through the tunnel