Recently I’ve been testing WireGuard with my PFSense setups, rather than IPsec and OpenVPN. I’ve found it really good and I think WireGuard works really well. The one thing I was a little stuck on was how to allow remote clients from one site to access devices on the second sites LAN.

Main SiteRemote Site
WireGuard Site to site172.16.18.1/31172.16.18.0/31
WireGuard Remote Clients VPN172.16.17.1/24

I want my remote devices connected to the main site via the WireGuard to be able to access the LAN on the remote site.


  1. You already have a WireGuard Site-to-Site VPN setup and can route traffic between the two sites LAN’s. 
  2. You already have a wireGuard remote client VPN setup and can access the main sites LAN

Simple Fix

  1. Log into your Remote PFsense router. Go to System -> Routing -> Static Routes.
  2. Add a static route for your WireGuard Remote Clients VPN subnet(Main Site), use the WireGuard Site-to-Site VPN Gateway.
  3. Now go to VPN -> WireGuard-> Peers. Select edit on your main site peer.
  4. Under the Address Configuration, add your WireGuard Remote Clients VPN subnet(Main Site) to the allowed IP’s.
  5. Now remote clients connected to the main site should be able to access your remote sites LAN.