Hello,
I’m a bit new to MikroTik and looking for help with one matter.
Successfully created IPSec peer and policy, connection is established and is ok. Remote Site has IP 10.250.21.151 and allows only connections from 10.127.247.8/29
Policy configuration is:
Src. Address: 10.127.247.8/29
Is Tunnel
Dst. Address: 10.250.21.151
Protocol: All
My LAN has a DHCP with 172.16.0.0/16
Now I need to configure the access for LAN users to above mentioned Site. I understand that there should be some NAT settings, but I can’t figure out which one. Any help from you would be useful. If any other information is needed please ask for it
I think you misunderstood something. You can use NAT in that situation but usually you just configure the policy to catch all the traffic from site to site.
So change the Policy on both sides to catch all site-to-site traffic.
Remote Site has IP 10.250.21.151 and allows only connections from 10.127.247.8/29
Is there a reason for you to use these addresses? They seem very random to me. But of course you can use them.
Anyway you provide not much information. An interesting point would be the sides subnet addresses. And the rest of the IPSec configuration. But be shure to not post public IP-Addresses.
You cold also post your configuration by executing “export hide-sensitive” (for v6 RouterOS) or simply “export” (for v7 RouterOS) and post the result.