Hello,
I’m a newbie for MIKROTIK, so far I have worked with LANCOM devices. I have a functionally IPSEC-VPN-Connection (between 192.168.1.0/24 (RB750Gr2) and 192.168.2.0/24 (LANCOM)). The LANCOM 192.168.2.1 is the gateway for 10.112.0.0/16. Now I would connect/route the 10.112.0.0/16 net from local 192.168.1.0/24 over gateway 192.168.2.1.
How can I route 10.112.0.0/16 over vpn-gateway 192.168.2.1?
I’m thankful every tip.
Best regards
mikrotik75
I’ve got a Mikrotik setup with an IPSec VPN to an AVM Fritzbox. I’ve added a few IPSec policies to route some of my internet traffic through that VPN connection. If I would have to route traffic for 10.112.0.0/16 through that tunnel, I’d add a policy with the following settings
/ip ipsec policy add sa-src-address=[Mikrotik IP Address] sa-dst-address=[LANCOM IP Address] src-address=[local subnet] dst-address=10.122.0.0/16 tunnel=yes
I’m not to familiar with LANCOM devices but I seem to remember that they support GRE tunneling. You could choose to solve this problem by setting up a GRE tunnel between your Mikrotik and your LANCOM. This will have the disadvantage of an additional 24 bytes overhead in MTU over the policy solution.
Thank you for your help. It’s great, it works. I have additional a NAT rule supplemented then ran it.
chain=srcnat action=accept src-address=192.168.1.0/24
dst-address=10.112.0.0/16 log=no log-prefix=""