Connection between 2 houses

Hi,

Can someone please explain how I can achieve the following?

House A has an internet connection to provider X with Routerboard 1.
House B has an internet connection to provider Y with Routerboard 2.

I would like to have:

Routerboard 1 port 2 = provider X
Routerboard 1 port 3 = provider Y
Routerboard 2 port 2 = provider X
Routerboard 2 port 3 = provider Y

(the purpose is to access services that are only accessible when connected to the providers’ network)

I guess I need to make a VPN between the two Routerboards, and then make 2 VLANs, and trunk the VLANs over the VPN link.

Is that correct?
But I want more details please…

Thanks!

You won’t need VLANs to accomplish this.

Set up a VPN tunnel of your preference, add a /30 transport network to it and set appropriate routes for the remote subnets.
Make sure you add accept rules for the traffic from/to the other subnet to traverse.
Add a NAT rule to masquerade traffic from the other subnet out to WAN.

Add routes to the services you would like to re-route with gateway=.

Off you go.
-Chris

Unfortunately, I can’t get this to work…

Site A has subnet 10.10.100.0/24, router at 10.10.100.254
Site B has subnet 10.10.200.0/24, router at 10.10.200.254

There is a working IPsec VPN link between them

Let’s say I am on Site A, and I want to route traffic to 8.8.8.8 (example) via the ISP of Site B

So I would enter a static route:

/ip route add dst-address=8.8.8.8 gateway=10.10.200.254 pref-src=10.10.100.254

However, this gives an “unreachable” in Winbox … and a tracert 8.8.8.8 on my PC still goes directly to site A’s ISP…

Who can help me please?

Thanks!

You probably want to share details about that IPSec link, it sounds suspicious.

Well, I’d say this is normal as routes should point to connected networks - and 10.10.200.0/24 is routed, not local.
I’d suggest a GRE tunnel through IPsec to accomplish this.
And be sure you set up your masquerading rules on the remote side accordingly.

-Chris
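
The GRE-through-IPsec suggestion above, written out as an added example that is not part of the original posts. Assumed and constructed for illustration: the interface names `gre-to-b` / `gre-to-a`, `ether1` as the WAN port on site B, the 172.16.0.0/30 transport network, and an existing IPsec policy that covers all protocols between 10.10.100.0/24 and 10.10.200.0/24. Because the GRE endpoints here are the routers' LAN addresses, site A also masquerades into the tunnel so that site B needs no route for 10.10.100.0/24 through the tunnel (such a route would send the GRE packets into the tunnel itself).

```routeros
# ===== Site A router (LAN 10.10.100.0/24, router 10.10.100.254) =====
# GRE between the two router LAN addresses; the existing IPsec policy
# between the subnets encrypts the outer GRE packets (assumption).
/interface gre add name=gre-to-b local-address=10.10.100.254 \
    remote-address=10.10.200.254
# /30 transport network on the tunnel (constructed addressing)
/ip address add address=172.16.0.1/30 interface=gre-to-b
# Let decrypted GRE from the peer reach the router; place above any input drop rule
/ip firewall filter add chain=input protocol=gre src-address=10.10.200.254 \
    action=accept comment="GRE from site B"
# The gateway is now on a connected network, so the route is no longer unreachable
/ip route add dst-address=8.8.8.8/32 gateway=172.16.0.2
# Hide the LAN behind 172.16.0.1 inside the tunnel; site B then only ever
# sees the tunnel peer address as the source
/ip firewall nat add chain=srcnat src-address=10.10.100.0/24 \
    out-interface=gre-to-b action=masquerade

# ===== Site B router (LAN 10.10.200.0/24, router 10.10.200.254) =====
/interface gre add name=gre-to-a local-address=10.10.200.254 \
    remote-address=10.10.100.254
/ip address add address=172.16.0.2/30 interface=gre-to-a
/ip firewall filter add chain=input protocol=gre src-address=10.10.100.254 \
    action=accept comment="GRE from site A"
# Forward only traffic that arrives from the tunnel peer and leaves via WAN;
# place above any forward drop rule
/ip firewall filter add chain=forward in-interface=gre-to-a \
    src-address=172.16.0.1 out-interface=ether1 action=accept \
    comment="site A traffic out via provider Y"
# Masquerade that traffic out to the WAN; scoped to the tunnel peer so the
# rule does not NAT anything else
/ip firewall nat add chain=srcnat src-address=172.16.0.1 \
    out-interface=ether1 action=masquerade
```

The same pattern mirrored (route on site B via 172.16.0.1, forward and masquerade rules on site A's WAN port) sends selected destinations from site B out through provider X.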