Routing container traffic through wireguard container

LSIO Discussion Container Support
1

Hello,
I tried to follow this tutorial: Routing Docker Host And Container Traffic Through WireGuard | LinuxServer.io to route container traffic through wireguard VPN.
I didn’t wanted to use the first method so I tried the second method described as " Routing a container’s traffic through the WireGuard container via routing table".
My issue however is, that the connected container (nzbget) does not get a connection. I cannot establish any outbound connection, it always fails with “ping: bad address ‘google.com’”
It does not seem to be a dns problem, as it also fails with ip addresses.
Both containers are in the same network, like shown in the example. This is the route output from my nzbget container:

ip route show
default via 172.20.0.50 dev eth0 
172.20.0.0/16 dev eth0 scope link  src 172.20.0.6

My main issue is, that I don’t know how to debug the connection. traceroute fails immediately, like any other network command. I have the feeling that the wireguard container does not allow incoming connections.
Can someone help me?
Thanks!

Edit: For completeness, here are my config files:
Wireguard:

---
version: "2.1"
services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=0
      - PGID=0
      - TZ=Europe/Berlin
    volumes:
      - /home/wireguard/config:/config
      - /lib/modules:/lib/modules #optional
    networks:
      default:
        ipv4_address: 172.20.0.50
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
    restart: unless-stopped
    
networks:
  default:
    external:
      name: nginx

Nzbget:

---
version: "2.1"
services:
  nzbget:
    image: lscr.io/linuxserver/nzbget:latest
    container_name: nzbget
    cap_add:
      - NET_ADMIN
    environment:
      - PUID=0
      - PGID=0
      - TZ=Europe/Berlin
    volumes:
      - /home/nzbget/config:/config
      - /home/nzbget/downloads:/downloads
    restart: unless-stopped

networks:
  default:
    external:
      name: nginx

This is nzbget container route:

root@8fbecc49c5d3:/# ip route
default via 172.20.0.50 dev eth0 
172.20.0.0/16 dev eth0 scope link  src 172.20.0.6 
root@8fbecc49c5d3:/# ping 172.20.0.50
PING 172.20.0.50 (172.20.0.50): 56 data bytes
64 bytes from 172.20.0.50: seq=0 ttl=64 time=0.129 ms
64 bytes from 172.20.0.50: seq=1 ttl=64 time=0.072 ms
64 bytes from 172.20.0.50: seq=2 ttl=64 time=0.080 ms
--- 172.20.0.50 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 0.072/0.093/0.129 ms

wg0.conf

[Interface]
Address = 10.14.0.2/16
PrivateKey = (removed)
DNS = 162.252.172.57, 149.154.159.92
PostUp = iptables -t nat -A POSTROUTING -o wg+ -j MASQUERADE
PreDown = iptables -t nat -D POSTROUTING -o wg+ -j MASQUERADE

[Peer]
PublicKey = Lxg3jAOKcBA9tGBtB6vEWMFl5LUEB6AwOpuniYn1cig=
AllowedIPs = 0.0.0.0/0
Endpoint = nl-ams.prod.surfshark.com:51820