NAT and reach dhcp clients in router mode from main network

Hello,

I am having a main office network, and nanostation that links another branches using nanostation (Router mode) I need to NAT and reach the DHCP clients for Nanostation Router mode from our main network,

I know some will said us Bridge mode, I would not prefer that. As each office uses different IP subnet.

Here is what I did in our main Mikrotik network:
/ip route
add disabled=no dst-address=192.168.0.0/24 gateway=10.0.0.87 routing-table=main suppress-hw-offload=no

Now, I can ping 192.168.0.1 normally:

C:\Users\User>ping 192.168.0.1

Pinging 192.168.0.1 with 32 bytes of data:

Reply from 192.168.0.1: bytes=32 time=7ms TTL=63

Reply from 192.168.0.1: bytes=32 time=5ms TTL=63

Reply from 192.168.0.1: bytes=32 time=6ms TTL=63

But I cannot ping any DHCP clients,

I believed it needs to play with iptables.

Diagram:

I know another solution is using VPN, but that will needs us to install firewall router in each office which is costly to do. so I think only I need to play with iptables or routing ?

Any ideas ?

Thanks

No need for NAT on nanostation. However, often firewall config on client computers considers anything outside own subnet (as determined by network address and mask) to be “evil internet” and is thus blocked. NAT on nanostation would help to overcome this problem (making clients believe it’s nanostation talking to them) but I wouldn’t go into this direction.

Thanks @mkx for your response, as your mentioned, (NAT on nanostation would help to overcome this problem), how is that possible to do? by iptables? masquerade?

I’ve no idea how nanostation is to be configured … I don’t know any Mikrotik by that name …

C’mon mkx, dont tell me you are not a Ubiquti expert? Just because the moniker up top says Mikrotik is no excuse!

Luckily I just happen to know the enlightened path → https://community.ui.com/

I’m not saying that I’m not ubiquiti man … you may find one mkx on the forum you linked (no, you won’t, not this one)