Hi!
I have a simple network setup (1 public IP, LAN behind it, and NAT on an RB750GL).
I have masquerade set up with exit interface ethernet0 (the directly connected one with the public IP).
Now I got access to a server in the USA, and OpenVPN on it. I want to route all traffic to hulu/netflix/allOtherUSA-onlyCrap through it. I have set up OpenVPN and I have the following topology now:

What would be the easiest way to set up routing of Netflix (let's say 1.2.3.0/24) through the server in the USA? Should I set up two NATs? One more masquerade on the RB750GL, and one on the (Linux) server? Can I just add another srcnat->action:masquerade with the OpenVPN out. interface, and then of course set up NAT on the Linux server in the USA?
Or would it be better to just add a simple route (to 1.2.3.0/24) with my server as the gateway, and set up NAT just on the USA server? If I do that, I have to add the route to my network (192.168.1.0/24) on the server (with my MikroTik with 192.168.2.x as a gateway). How do I secure my network then (the server is shared - insecure)? Add a firewall rule on the forward table, to just allow established and related packets from the ovpn interface and drop everything else? Or do I need anything else?
Thank you for your help!