Disable IP masquerading w/ WireGuard

I’m using an A1300 as a wireguard client and an AX1800 as a wireguard server.

I want to turn off IP masquerading - that is, I want the IP of my laptop that’s connected to the A1300 to be visible to any websites/servers that I connect to. However, when I disable IP masquerading on the A1300, no traffic gets through.

Some different posts mention this issue, and one says the subnets need to match. (GL-A1300 cannot send traffic over wireguard when IP masquerading is disabled - #2 by hansome)

However, I’m not sure which settings I should change, and what they should be changed to. Can someone identify the exact settings that should be updated, and suggest appropriate values?

(I tried going to ‘Network > LAN > Router IP Address’ and setting both the client & server to, however it had no effect - still no traffic getting through.)


Or am I misunderstanding how IP addresses work? My ultimate goal is to prevent endpoint websites/servers from going "hmm… the IP address of the laptop should be [xxx.xxx.x.x], but in my logs it’s [yyy.yyy.y.y]. That’s suspicious, they must be using a VPN!!

As long as that’s not a problem, I’m not worried about disabling IP masquerading (although it would still be useful to have a solution to my question for future reference).

IP masquerading should be turned on always for privacy purposes.
While setting s2s manually, it can be turned off in the scenario having server ACL.

The website will only know 1 IP. The ones of your ISP - or the one your device connects with. They don’t detect VPN like this. They do it f.e. based on lists of VPN servers or by understanding that your ISP address can’t be within a datacenter.