I'm translating a VPN config from Cisco to Mikrotik.
This VPN setup is a little different in that the LAN IPs need to be NATed to a specific IP range for the VPN tunnel.
I was looking for a little help on setting that part up properly.
The LAN IP range is 192.168.1.0/24
The valid VPN range is 172.16.169.0/24
The far side VPN range is 192.168.5.96/27
This is what I have for firewall rules:
/ip firewall nat
add chain=srcnat dst-address=192.168.5.96/27 src-address=172.16.169.0/24
add action=src-nat chain=srcnat dst-address=192.168.5.96/27 src-address=\
add action=masquerade chain=srcnat comment="default configuration" \
out-interface=ether1-gateway src-address=192.168.1.0/24 to-addresses=\
I've also defined a bridge with no ports for the 172.16.169.x network:
add address=172.16.169.1/24 interface=loopbridge network=172.16.169.0
Is this correct at all?