Consider the following scenario
Site To Site VPN
Clients on both networks can speak to each other without a problem
Site A LAN=192.168.2.0/24
Site B LAN=192.168.3.0/24
So from a functional perspective VPN is working just fine.
The problem I’m having is that syslog remote logging traffic sourced from the Site B Mikrotik router is not being sent or encapsulated on the IPsec tunnel.
I have a Remote syslog configuration targeting a host on the 192.168.2.0/24 network
Any Hints?
Common issue. Traffic to 192.168.2.0/24 will be routed to WAN initially, therefore the router picks the IP address from the WAN interface to initiate the connection.
From there, the connection won’t be picked up by the IPsec policy. You can create a route to the remote subnet via the LAN interface to force the router to pick 192.168.3.x as the source address:
/ip route
add dst-address=192.168.2.0/24 gateway=<name of lan interface/bridge>
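The following is an added example, not part of the original posts: a simplified Python model of the source-address selection described in the reply, showing why router-originated syslog misses the IPsec policy until the extra route exists. The WAN address, the router's LAN address, the syslog host address and all function names are constructed assumptions.

```python
import ipaddress as ip

# Constructed model of the Site B router. Only the two LAN subnets come from
# the thread; the interface addresses below are assumptions for illustration.
IFACE_ADDR = {"wan": "203.0.113.10", "lan": "192.168.3.1"}

# IPsec policy selector for the tunnel: (source subnet, destination subnet).
POLICY = (ip.ip_network("192.168.3.0/24"), ip.ip_network("192.168.2.0/24"))

DEFAULT_ROUTES = [("0.0.0.0/0", "wan"), ("192.168.3.0/24", "lan")]
# Same table plus the route suggested in the reply (remote subnet via LAN).
FIXED_ROUTES = DEFAULT_ROUTES + [("192.168.2.0/24", "lan")]


def policy_match(src, dst):
    """True if the packet's addresses fall inside the IPsec policy selector."""
    pol_src, pol_dst = POLICY
    return ip.ip_address(src) in pol_src and ip.ip_address(dst) in pol_dst


def pick_route(routes, dst):
    """Longest-prefix match: return the outgoing interface for dst."""
    addr = ip.ip_address(dst)
    matches = [(ip.ip_network(net), iface) for net, iface in routes
               if addr in ip.ip_network(net)]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def router_originated(routes, dst):
    """Packet sent by the router itself: the source address is taken from the
    interface the route points at, and only then is the policy checked."""
    src = IFACE_ADDR[pick_route(routes, dst)]
    return src, policy_match(src, dst)


def forwarded(src, dst):
    """LAN client traffic keeps its own source address."""
    return policy_match(src, dst)


if __name__ == "__main__":
    syslog_host = "192.168.2.50"  # constructed address on the Site A LAN
    print("LAN client :", forwarded("192.168.3.20", syslog_host))
    print("router, before route:", router_originated(DEFAULT_ROUTES, syslog_host))
    print("router, after route :", router_originated(FIXED_ROUTES, syslog_host))
```

The model ignores NAT and other packet-flow stages; it only illustrates the order of route lookup, source selection and policy match that the reply relies on.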
Thanks
I figured that out about a day after I posted this.
Much appreciated
Consider this topic closed.