Networking noob: How do I forward packets to a VPN client?

I have created an L2TP VPN server to which a Windows client is attached.

I need to be able to connect to this remote VPN client with Remote Desktop from the LAN. I can connect to clients on the LAN from the VPN’ed machine using Remote Desktop, but I cannot connect to the VPN’ed machine from the LAN using Remote Desktop.

I’m confused, because all clients are on the same subnet, and I would have thought the packets would have automatically been routed to the correct destination. I assume I have to somehow tell RouterOS to route packets addressed to the VPN’ed machine (at 192.168.1.201) to the L2TP tunnel, but I am at a loss as to how to do this and am having difficulty finding a tutorial (or, at least, recognizing which tutorial is the right tutorial) to use.

I had some people suggest I move the VPN to a different subnet and that this alone might make it work. I don’t know how to do that, either. I’d really like to understand why it works one way and not the other, how I would make it work this way (even if it isn’t the best way, just so I can learn), and how to do it with another subnet if that is, indeed, the right way to do it.

I set up the VPN as follows:

  • On the PPP → Interface tab, pressed L2TP Server button
      • On the General tab:
          • Enabled
          • Default Profile: default-encryption (because I want traffic encrypted)
          • Use IPsec: required (because I want the user name and user password encrypted)
          • IPsec Secret: my randomly chosen preshared key, used to encrypt the username and password, if I understand correctly
  • On the PPP → Profiles tab, edited the default-encryption entry:
      • On the General tab:
          • Local Address: set to the LAN address of my Mikrotik router (192.168.1.1)
          • Remote Address: left blank because I want each client to have a specific IP rather than getting a random IP from an IP pool
          • DNS Server: set to the LAN address of my Mikrotik router (192.168.1.1)
      • On the Protocols tab:
          • Set Use Encryption to required
  • On the PPP → Secrets tab, added one account:
      • Name: name of VPN user
      • Password: User password
      • Service: l2tp
      • Profile: default-encryption
      • VPN static Address: 192.168.1.201 (LAN dhcp IP pool set to 192.168.1.101 - 192.168.1.200, LAN static range assignment range is 192.168.1.2 - 192.168.1.200, router is 192.168.1.1)
  • On the Windows machine, created a VPN connection, changed automatic type to L2TP/IPsec + Pre Shared Key, entered WAN address of router + user name and password + pre shared key
  • Upon connection, Mikrotik automatically creates an L2TP Server Binding which is torn down upon connection close

Thanks!