I have an issue that begs for a solution quickly.
There are 2 MikroTik routers in my office.
The first one, mtA, has a Telco APN IP 172.17.10.200 configured on it. The Telco gave us SIMs which bear 172.52.57.0/24.
The other, mtB, bears our internet IP, configured for IPSec Tunnel and the LAN IP address (192.168.5.0) masqueraded too. One of the LAN ports of mtB is connected to mtA such that communication can be established between LAN and APN.
With IPSec Tunnel on mtB, traffic from outside can get to the APN too.
Tunnel Settings:
Site A (me)
WAN: 5.5.5.5
LAN: 192.168.5.0/24
Site B (other side)
WAN: 2.2.2.2
LAN: 192.168.1.0/24
Now here is where I need help: I want to forward a port to a system 192.168.1.25 on the end of the Tunnel.
Please I need help!!!
IPsec tunnels have to be configured with source/destination as part of the tunnel specification. If you know where the forwarded traffic is coming from, then you could specify it as part of your site-to-site tunnel. If you don’t, you will need to have the entire internet [i.e. 0.0.0.0] as the source subnet on A and destination on B. You will also need the corresponding NAT policies on A to translate the traffic appropriately.
Alternatively you might be able to create a NAT policy so that 192.168.1.25 sees this forwarded traffic as originating from Site A’s LAN IP, but I don’t know for sure if the ROS packet flow would allow this.
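The two options in the reply above, modelled as an added example (not part of the original thread and not RouterOS configuration): a small Python simulation of IPsec selector matching at Site A. The client address `203.0.113.7`, port `8080` and src-nat address `192.168.5.1` are constructed placeholders, and the model assumes NAT is applied before the IPsec policy lookup.

```python
from ipaddress import ip_address, ip_network

# Values taken from the thread
SITE_A_WAN = ip_address("5.5.5.5")
TARGET = ip_address("192.168.1.25")
# Constructed for this example (assumptions, not in the thread)
CLIENT = ip_address("203.0.113.7")     # arbitrary internet host
SNAT_ADDR = ip_address("192.168.5.1")  # assumed Site A LAN address on mtB
PORT = 8080                            # placeholder forwarded port

def policy(src, dst):
    """An IPsec policy as a (source selector, destination selector) pair."""
    return (ip_network(src), ip_network(dst))

# The tunnel as posted: LAN-to-LAN selectors only
ORIGINAL = [policy("192.168.5.0/24", "192.168.1.0/24")]
# First option in the reply: any source allowed towards the target host
WIDENED = ORIGINAL + [policy("0.0.0.0/0", "192.168.1.25/32")]

def forward(packet, policies, snat=False):
    """Model Site A: dst-nat, optional src-nat, then IPsec policy lookup.

    Returns ('tunnel', src, dst) when a selector pair matches, otherwise
    ('cleartext', src, dst), meaning the packet is never encrypted.
    """
    src, dst, port = packet
    if dst == SITE_A_WAN and port == PORT:  # the port-forward rule
        dst = TARGET
    if snat and dst == TARGET:              # hide the client behind Site A's LAN
        src = SNAT_ADDR
    for sel_src, sel_dst in policies:
        if src in sel_src and dst in sel_dst:
            return ("tunnel", src, dst)
    return ("cleartext", src, dst)

def scenarios():
    """Run the same inbound packet through each configuration."""
    pkt = (CLIENT, SITE_A_WAN, PORT)
    return {
        "dst-nat only": forward(pkt, ORIGINAL)[0],
        "widened selectors": forward(pkt, WIDENED)[0],
        "dst-nat + src-nat": forward(pkt, ORIGINAL, snat=True)[0],
    }

if __name__ == "__main__":
    for name, result in scenarios().items():
        print(f"{name}: {result}")
```

In the src-nat variant every forwarded connection reaches 192.168.1.25 with the Site A LAN address as its source, so logs and access controls at Site B no longer see the real client address.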