The purpose is to have all my home web traffic exit the VPS Mikrotik.
I think it is essentially pretty close to this:
https://wiki.mikrotik.com/wiki/Routing_through_remote_network_over_IPsec
So using that diagram, my intent is to route 80,443 from workstations on 10.10.10.0/24 out the other GW of 1.1.2.1
Thanks,
Dan
I have the IPSec tunnel working well. I’m not sure how to have the 80,443 traffic route out of the GW 1.1.2.1 though.
I don’t understand in the diagram how traffic is going out of GW 1.1.2.1
The data center router, 1.1.2.2 has a default route of 1.1.2.1, the Internet. So when it receives a packet over the VPN destined for the Internet it simply routes, NATs in the case of IPv4, it out to the Internet.
That said you’d also have to adjust the /ip ipsec policy on the home router for the destination address to match any possible or at least the IPs for the HTTP / HTTPS sites you want to visit.