• If your router is on dynamic public IP (ADSL…) you can substitute <fc #ff0000>Endpoint IP</fc> in windows client with your routers Cloud DNS Name…
• For <fc #ff0000>AllowedIPs</fc> in your windows client you have to put all networks behind your router you would like to access through WG. You will automatically setup a “split tunnel”.
• If you dont want “split tunnel” or you don't know all the subnets behind router, you can put 0.0.0.0/0 instead, and all your traffic will go through WG.

Don't forget to put a following rule in your firewall

ip firewall filter add chain=input dst-port=13231 protocol=udp action=accept comment="Allow WireGuard"

Wireguard client for windows works only for “administrators” but there is nice workaround…

• Wireguard for non Administrators