Hello
I have a weird configuration, a poor man's redundant link, and I was wondering if someone could help me out.
The setup:
We have 2 offices:
Office 1: public IP 192.168.1.1/24 / VPN 172.16.0.1
Office 2: public IP 192.168.2.2/24 / private IP 10.10.2.0/24 / PPTP VPN 172.16.0.2
There is also a PPTP VPN between the two locations, named VPN.
In Office 2 we have an SMTP gateway with IP 10.10.2.61.
In Office 2 we set up some prerouting rules so that connections coming into 192.168.1.1:25 (Office 1) go through the VPN to 10.10.2.61 from Office 2:
/ip firewall mangle
add action=mark-connection chain=forward dst-address=10.10.2.61 dst-port=25 in-interface=VPN new-connection-mark=SMTP_optonline protocol=tcp
add action=mark-routing chain=prerouting connection-mark=SMTP_optonline new-routing-mark=SMTP_optonline src-address=10.10.2.62
Also we set up a route:
/ip route
add comment="SMTP Route" distance=1 gateway=VPN routing-mark=SMTP_optonline
Now if I telnet from anywhere in the world on 192.168.1.1 port 25, it works without a problem.
If I telnet from 10.10.2.x on 192.168.1.1 port 25, it times out.
Does anyone know how I can change the prerouting/NAT rules so I can access it from the same subnet over the internet and back through the VPN?