pirate
commented
3 years ago It's up to you to choose how to route the traffic, wireguard does not automatically do NAT busting or find the shortest path, it just routes based on the rules you define in AllowedIPs. If you want a system that will automatically route from NAT to NAT or find the shortest path, you need a layer on top of wireguard to control it (like Tailscale).
I have two clients (client 2, client 3) behind NATs and one client (client 1) have a static public IP, and I connect them with wireguard VPN. My question is: when client 2 send message to client 3, or the other way round, the message goes directly to client 3, or go through client 1 then to client 3? and why?