Good morning guys,
I am writing for the first time I introduce myself I am Alessandro Bozzo, I am writing from the province of Savona in Italy.
I have a problem on a Mikrotik: I have successfully activated a client vpn with the Wireguard server on QNAP, I can ping the IPs in the qnap subnet within the Mikrotik terminal without problems, but in my internal Mikrotik subnet it does not work, I set up a source nat with suorce address my subnet dest address subnet of the qnap and out interface wireguard but nothing.
I am attaching configuration of the mikrotik:
# jun / 13/2022 06:17:50 by RouterOS 7.3.1
# software id = V5EL-CMUG
#
# model = RouterBOARD mAP L-2nD
# serial number = <CENSORED>
/ interface wireless
set [find default-name = wlan1] band = 2ghz-b / g / n disabled = no mode = ap-bridge \
ssid = MikroTik
/ interface wireguard
add listen-port = 13231 mtu = 1420 name = wireguard1
/ interface wireless security-profiles
set [find default = yes] supplicant-identity = MikroTik
/ ip hotspot profile
set [find default = yes] html-directory = hotspot
/ ip pool
add name = pool1 ranges = 192.168.200.50-192.168.200.100
/ ip dhcp-server
add address-pool = pool1 interface = wlan1 name = server1
/ interface wireguard peers
add allowed-address = 0.0.0.0 / 0 endpoint-address = 82.215.131.20 endpoint-port = \
51820 interface = wireguard1 persistent-keepalive = 10s public-key = \
"WdrBS / JgIrJORFBjYEvV1pwdRlZipWr + HTv2LiSSphA ="
/ ip address
add address = 198.18.7.4 / 24 interface = wireguard1 network = 198.18.7.0
add address = 192.168.200.1 / 24 interface = wlan1 network = 192.168.200.0
/ ip dhcp-client
add interface = ether1
/ ip dhcp-server network
add address = 192.168.200.0 / 24 dns-server = 8.8.8.8 gateway = 192.168.200.1 netmask = \
24
/ ip firewall nat
add action = masquerade chain = srcnat out-interface = ether1
add action = accept chain = srcnat dst-address = 172.20.0.0 / 16 out-interface = \
wireguard1 src-address = 192.168.200.0 / 24
/ ip route
add disabled = no distance = 1 dst-address = 172.20.0.0 / 16 gateway = 198.18.7.1 \
pref-src = "" routing-table = main scope = 30 suppress-hw-offload = no \
target-scope = 10
[admin @ MikroTik]>