I forgot that the destination PC at is on a different subnet,.
If you only have 1 PC that you need to RDP to, then you can add a Port Forwarding rule from TCP WAN Port 3389 to LAN IP 192.168.1.122 Port 3389 via Admin Panel → Firewall → Port Forwards.
I do not work for and I am not directly associated with GL.iNet
Have you tried activating DMZ on the ISP Router to forward all open ports to the GL unit?
Should be easy to do and is worth a try.
Edit: To access clients behind the GL unit you might need to add a firewall rule on the GL Router to forward the required port to the client.
External zone: Wireguard
Internal zome: Lan
I tested on my GL-AR1000W Brume with OpenVPN Client connected, Kill Switch turned on and TCP WAN Port 3389 forwarded to a LAN Windows 10 PC, with no VPN Policy. I successfully connected over RDP from the WAN side to the PC on the LAN side.
You have to RDP to the router’s WAN IP address, which is then forwarded to the PC’s LAN IP address.
I do not work for and I am not directly associated with GL.iNet