I am trying to allow my VPN server where the clients are 10.0.80.0 and its LAN has an IP of 10.0.90.10 which is connected to a Mikrotik router which does NAT and has 10.0.90.1 assigned to its bridge. I am trying to allow the VPN clients to communicate to other clients that have ip addresses 10.0.90.x across the bridge. I created a static route in the Mikrotik with 10.0.80.0/24 via 10.0.90.10. The VPN clients can now connect with the Mikrotik but not other devices on the 10.0.90.x network on the bridge. So how do I get the forwarding to work between ports and subnets on the bridge.
Without complete config of router as well as your VPN server it is not easy to solve. My, best wild guess would be that you need to add a firewall-forward rule. (But not to the end, somewhere before “forward - drop all” rule.)
If you are unsure or just want to test it, you can put it on top of all rules:
/ip firewall filter add action=accept chain=forward dst-address=10.0.90.0/24 src-address=10.0.80.0/24 place-before=0