We hired a 3rd-party network engineer to see why incoming VPN traffic cannot complete a connection to a Windows NLB with 2 balanced servers. We can see the traffic hit the MT router and just die there. The engineer stated it was because MikroTik gets confused, since the endpoints for IP 10.255.252.13 on the 2 servers have different MACs.
Can I get a second opinion, or is there a way to spoof the MAC address in the handshake, or set the connection to ignore the MAC changing and pass it anyway?
NAT rules:
add action=dst-nat chain=dstnat dst-port=25 in-interface=EyeL2TP protocol=tcp \
    to-addresses=10.255.252.13 to-ports=25
and
add action=dst-nat chain=dstnat dst-port=25 in-interface=EyeSSTP protocol=tcp \
    to-addresses=10.255.252.13 to-ports=25