Hi,
I have 2 IPsec tunnels with different subnets, and a server attached to the MikroTik. I can ping the remote Cisco routers from the MikroTik, but I don't have ping from the server. I got IP address 172.18.13.249/32 from the first remote peer, and 10.85.185.56/29 from the second remote peer. I did src-nat for the first peer, and I have ping on my server to the remote Cisco. When I set up src-nat for the second peer, I got the message destination host unreachable [ip address from first peer]. Ping works only for the peer that is first in the NAT priority list. Is there any way to make this work?
Here is my config:
1 172.18.13.249/32 172.18.13.249 ether2
2 192.168.252.1/24 192.168.252.0 ether3
3 10.85.185.59/29 10.85.185.56 ether2

1 A S 10.15.122.0/24 ether2 1
2 ADC 10.85.185.56/29 10.85.185.59 ether2 0
3 A S 10.253.220.130/32 ether2

4 chain=srcnat action=src-nat to-addresses=10.85.185.57
    src-address=192.168.252.100
5 chain=srcnat action=src-nat to-addresses=172.18.13.249
    src-address=192.168.252.100
The server's IP address is 192.168.252.100.
Thanks a lot