IPsec VPN question

Hardware MikroTik hardware general
1

Hi,

Two questions:

1)Is it possible to create an IPsec VPN site A 192.168.10.0 site B 172.16.50.0 (different classes IP subnets)?

both sites has Mikrotik routerboard 1000

2)when installing a routerboard 1000 eth1 public IP eth2 local private IP (NAT) is it by default the local or internal private subnet protected? what shall we do to protect it in case no?


Thanks.

2

  1. yes, it’s possible.

  2. Do you have any configuration on that board ?
    If you have NAT, then there is protection from direct communications for NATed hosts.
    However, additionally ip firewall filter rules might be required, if you want to set advanced filtering.