Hi All
I have a setup where I have two sites linked via RB750G routers over an IPSEC tunnel. I want site B to get its DHCP from a DHCP server in site A. I have set up the relay, etc., but there is an issue getting the routers to traverse the tunnel correctly. Devices behind the router are fine as they follow the prerouting -> forward -> postrouting rules, whereas traffic originating inside the router uses output -> postrouting. As the device originates inside the router, it sets the source address to be the public IP of the router, which means it needs special NAT rules to handle this condition.
I tried putting in a source NAT rule that says if the source is <my external IP> and the dest is <the lan IP of the remote router>, src nat to <the LAN IP of my router>. This works sometimes, but not consistently. Is there a best practice method to get a MikroTik router to traverse the IPSEC reliably?
Regards
Mark Dutton