I have the following setup which does not allow me to access internet via my smartphone when I am connected via VPN to my synology nas.
smartphone (vpn) via cellular ----> internet provider router —> mikrotik ----> synology nas vpn
ip-------------------------------------------192.168.4.1---------------192.168.6.1------------------192.168.6.10
my internet provider router has open ports for vpn directed to ip of the synology nas
mikrotik has dstnat for vpn ports to the synology nas
smartphone connects successfully to the vpn
I know the problem is in the mikrotik as i have another setup with the same internet router and NAS, but without the mikrotik and runs without problem.
any idea how can I troubleshoot where the connection is being lost? how to solve it? thank you
It seems you have a bit of a confusion there.
You can either have the ISP router open a port directly to the ip of the synology nas vpn (which I would not recommend as it would bypass the mikrotik and would act as a local network device instead of a router, and you would need to add forwarding between x.x.4.x and x.x.6.x
Or you can have the ISP router open a port that hits the mikrotik and then have mikrotik dst-nat this port to the nas vpn.
However, mikrotik has vpn support and you could use it directly in your phone (for example wireguard) and you could very well use the mikrotik as the connection point for that.
You certainly do not need both of the first two enabled at the same time. I am assuming you say it works without the mikrotik because you put another device with a wider netmask and it is bypassed by the ISP. right?