WireGuard to home and tunnel all traffic blocks local webserver

Hello,
I have bought the all-new GL-MT3000 and I have the following issue.
I have a WireGuard server at home running on a Mikrotik router.
I have an nginx docker container serving both internal and external URLs.
I have a DNS server that serves local DNS names and forwards external DNS names to, for example, Google.
Now here comes the problem.

When I am connected to home using the WireGuard client on the GL-MT3000 I can visit external URLs not hosted by me, for example Google.
I can also connect to internally hosted URLs served by my nginx webserver.
I cannot connect to URLs hosted by my internal nginx webserver using an external DNS entry.

The WireGuard server runs on IP a.b.c.d and the externally available URLs are port forwarded to the same IP address a.b.c.d.

When I use the WireGuard client on my iPhone/iPad/laptop directly without using the GL-MT3000 as access point it works flawlessly.

So in short:
WireGuard server: a.b.c.d connects OK. All traffic routed through WireGuard. External IP address is a.b.c.d
website.example.local → 192.168.1.x → resolves fine → can connect to website
website.example.com a.b.c.d → a.b.c.d → resolves fine → cannot connect to website
This works when using the local WireGuard client on iPhone/iPad/laptop

You can try turning on the Allow Access WAN option

Nice suggestion! I did check it and it works!
