I have a setup that requires multiple Mikrotiks to IPSec to a Fortigate. The IPSec section works and has been running stable for years. We recently have received a new requirement to have RADIUS auth set up for all our Mikrotiks. When I set up the rule:
ip route add disabled=yes distance=1 dst-address=REMOTEIP gateway=Br0 pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10
then some network equipment on the LAN side does not report back into the Fortigate side.
How can I set up the Mikrotik that all internal services that needs to go to the REMOTEIP subnet gets NATted via the Loopback Interface?
