Hi everyone,
I have a setup with two logical networks/VLANs. 192.168.68.0 and 192.168.69.0
In 192.168.69.0 is a server a client wants to connect to. The IP of the server is 192.168.69.90. The client is connected to the 192.168.68.0 network and gets his IP from the DHCP server.
I defined a firewall rule that allows the connection from the 192.168.68.0 network to 192.168.69.90. Everything works to this point.
When I activate a VPN connection on the client the connection to the server does not work anymore. I think the request is routed through the VPN because the server is not within the local network.
Do you have a hint how to solve this?
My idea was that the client could use an IP within the local network and the router could forward this to 192.168.69.90.
So I tried to add a rule like this:
ip firewall nat add protocol=tcp dst-address=192.168.68.90 action=dst-nat to-addresses=192.168.69.90 chain=dstnat
The idea is that I configure 192.168.68.90 within the client and the router forwards the request to 192.168.69.90. But it does not work.
Is that a good idea? Do you have a better one?
Do I need some further firewall rules?
I’m not a network expert but I would like to learn something. 
Thanks,
Daniel