I have a remote network that I've tied in to my WG server.  I'm noticing 
that all traffic from this remote network that goes outbound to the 
internet is getting routed through my wireguard server.

Client config:
[Interface]
PrivateKey = XXXX
Address = 10.10.10.10/32
ListenPort = 51821

[Peer]
PublicKey = XXXX
Endpoint = 11.11.11.11:51821 <- IP of the WG server.
AllowedIPs = 0.0.0.0/0, ::/0
PersistentKeepAlive=25


Server config:
[Interface]
PrivateKey = XXXX
Address = 10.10.10.1/32
ListenPort = 51821

PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i 
-j ACCEPT; iptables -t nat -A POSTROUTING -o eno1 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o 
%i -j ACCEPT; iptables -t nat -D POSTROUTING -o eno1 -j MASQUERADE

# IP forwarding
PreUp = sysctl -w net.ipv4.ip_forward=1

[Peer]
PublicKey = XXXX
AllowedIPs = 10.10.10.10/32, 192.168.128.0/17 <- Client's internal 
network.


My goal is that regular outbound traffic just goes out the client node's 
outside routable interface and traffic between the internal networks 
goes through wireguard.

For example, I'm seeing email being sent through the MTA I have 
configured on the "client" is showing up as originating from the 
outbound IP of the "server".

Thanks!