All the 3 routers are connected to the internet and the network behind the routers are able to reach the internet.
The router “12” and “14” are connected to the “router 10” by VPN (ovpn lan to lan).
The routing and firewalls are set up that:
the computers on the “network 100” can access everything on the networks “12” and “14”.
the “remote PC” can access the “server”.
My question is: how to set up the routing and firewalls to have the “Remote PC” access to the “NAS” by using the existing VPN connections.
I think the answer is quite obvious. Now you have routes between routers 14 and 10, and also between 10 and 12. If networks behind routers 12 and 14 should also communicate, you need to add routes between them. So on router 14 it’s route to 192.168.12.0/24 with gateway 192.168.10.4. And on router 12 it’s route to 192.168.14.0/24 with gateway 192.168.10.2. Allow these addresses through firewalls on routers 12 and 14 if they are blocked. And on router 10, you will also need to allow these addresses between both VPN links.
The problem was not the setup in the mikrotik routers. The setub was done as Sob mentioned.
The problem was the LAN2 port of the NAS. A extra fixed route was required in the NAS to point return traffic to the mikrotik network.
