OVPN Help .... 2 tunnels

Hi

I need some help.
I have a RB4011 (Router Home) and a LtAP (Router Garage)
Router Home: 192.168.0.0/24
Router garage: 192.168.2.0/24
both are connected with site to site OVPN (172.22.22.1 - 172.22.22.2)
This Network works (both sides see each other for all devices)
Now i sometimes connect to Router Home with my Notebook (OVPN, 192.168.10.1-192.168.10.2)
I have access to all devices from Router Home.
But how i can establish access to the devices behind Router Garage ? Is traffic possible from client tunnel to site-to-site tunnel ?

regards, Richard

Hey

It should be possible, just make sure you have the proper routes defined. Mikrotik doesn’t support route push, so there are two options: make opvn default route or add route for garage network over ovpn tunnel.

I have a static route on Home Router side:

add distance=1 dst-address=192.168.2.0/24 gateway=172.22.22.2

and on Garage Router Side:

add distance=1 dst-address=192.168.0.0/24 gateway=172.22.22.1

This works… but when i now connect to the Home router with my notebook (OVPN tunnel 192.168.10.1-192.168.10.2) i don’t come in my garage network…
is a route missing ?

Richard

Yes, you will have to tell the Garage router where 192.168.10.x network is, i.e. add route like below on Garage router

add distance=1 dst-address=192.168.10.0/24 gateway=172.22.22.1

Ok, and on the Home Router side (where i come in with my second VPN Tunnel with the Notebook) … ist there anything to do aditionally ?
i also have on the home router side:

0 chain=srcnat src-address=192.168.0.0/24 dst-address=192.168.2.0/24

and on the garage router side:

0 chain=srcnat src-address=192.168.0.2/24 dst-address=192.168.0.0/24

is there something needed for the 192.168.10.x network ?

thx, Richard!

thx CZFan !!!

it was the missing “add distance=1 dst-address=192.168.10.0/24 gateway=172.22.22.1”

regards, richard

Pleasure, glad I could help