192.168.200.0/24 ->DFL-800(Public IP) <----IPSEC—>(Public IP) MT 3.22 -->192.168.0.0/24
IPSEC tunel is UP.
From outside MT the Internet is connected through PPPoE the route added by the automatic.
To force to see networks each other I has registered such rule.
[pavel@MikroTik] > ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 ;;; Added by webbox
chain=srcnat action=masquerade src-address=192.168.0.0/24 dst-address=!192.168.200.0/24
src-address-list=“” out-interface=pppoe-out1
It can is not correct?
How to make the following?
-
All inquiries from a network 192.168.0.0/24 to wrap in VPN the channel?
-
To leave all “as is” т.е 192.168.0.0/24 quits in the Internet through PPPoE, but for example on Public the address on the Internet it is necessary that the inquiry went through VPN on DFL-800.
Or -
And still for DFL-800 there is a network 192.168.201.0/24 how to make that 192.168.0.0/24 saw.