Hi there!
The circuit uses two ROS7 mikrotiks and Open VPN:
- RB750GR3
- HAP ac2
VLAN filtering is configured on the first mikrotik (RB750GR3), vlan2, tagged port ether5 and untagged port ether2 not used. The mikrotik interface ip address is 10.10.2.4.
On the second mikrotik (HAP ac2), the vlan and ports are configured the same way, but used ether2 untagged port. Mikrotik interface ip address: 10.10.2.1, end notebook ip address: 10.10.2.25.
Pinging all interfaces within the LAN works fine.
USB LTE modem installed on RB750GR3. Open VPN is configured. Connection pool for VPN 10.10.4.10 - 10.10.4.30, address in PPP profile 10.10.4.100.
On the client, route 10.10.2.0 255.255.255.255.0 is specified in the configuration. Route add success.
Dev tun, udp, 1194.
After successful connection, I can successfully ping the address 10.10.2.4 on the RB750GR3 from the open VPN client.
But I cannot ping the address 10.10.2.1 and 10.10.2.25 that are on the second mikrotik behind the trunk port ether5.
Tracer in the first case:
tracert 10.10.2.4
1 94 ms 100 ms 94 ms 94 ms 10.10.2.4
Tracert in the second case
tracert 10.10.2.25
1 * 89 ms 77 ms 10.10.4.100
2 * * * * Request time out.
3 * * * * Request time out.
4 * ^C
No additional static routes were created. There is only one rule for port 1194 in the firewall configuration.
