Not sure if this is a good forum to post this on but I thought I'd ask:

So I'm going to get an Intel NUC and run my OpenSense firewall and router on it.

My LAN is on the 192.168.1.0/24 subnet. My Synology NAS running OpenVPN server already occupies the 10.8.00/16 subnet.

In order not to overlap anything, I'm going to set up my WireGuard VPN on the 172.16.0.0/12 subnet.

**1)** Does this configuration look correct, or will I run into issues?

**2)** If I want my WireGuard VPN clients to only be able to talk to my NAS inside my LAN and no other LAN devices/resources, then I'll set up 2 rules:

#1: All IPs will be able to talk to the WireGuard VPN Server port

#2: The WireGuard VPN Server subnet will only be able to talk to the NAS IP, the LAN Subnet (192.168.1.0\24) will be blocked for the VPN Server subnet

Does this look correct? Did I mess anything up?