I wasn't able to find a bug tracker so apologies if this is a known issue. I’m running macOS 12.3 with WireGuard 1.0.15 from the App Store.
My WireGuard peer is on my corporate network, to which I am first connecting via Palo Alto Networks GlobalProtect. If I use `route get <peer IP>` then macOS reports that it will send traffic to the peer via the GlobalProtect tunnel interface. And I can confirm this by sending UDP traffic from macOS to the peer server and monitoring it going over that interface using Wireshark. However, when I then turn on the WireGuard tunnel, it sends its traffic over en0, my Wi-Fi interface, over which the peer is not reachable. As a workaround, I can have my endpoint configured as localhost and use socat to redirect traffic over the correct interface: socat -T 3600 udp-listen:51820,reuseaddr,fork udp:<peer>:51820 Ryan
