Hi all.
I have a site-to-site IPsec VPN between a Mikrotik and a Palo Alto.
This is my infrastructure:
1. Data Center as Site 1 (Palo Alto PA-220, local network 192.168.16.0/24)
2. Head Office as Site 2 (Mikrotik hAP, local network 192.168.18.0/24)
3. VPN users (Global Protect, connected to Data Center, local network 192.168.168.0/24)
Right now, the head office and the data center can see each other, and VPN users can see the data center.
The goal is to make the head office network available to VPN users (168 subnet to 18 subnet).
So how to route two different subnets through one tunnel? Is it possible?
Previously we used Palo Alto on both sides and everything worked fine (routing was done via virtual routers - static routes).
In RouterOS I've tried to add 2 different policies for both networks, but when I add the second policy, the connection drops completely.