Simply put, I have some VPN clients (Windows 7+) connecting with IPs 192.168.20.0/24 (from pool on Mikrotik).
And I want them to be able to access 192.168.30.0/24, 192.168.40.0/24 etc, so I need routes on clients.
I dont like ROUTE ADD, so after a long time I found the solution - external DHCP server (in my case on Windows 2012) with option "121 - Classless route option".
To make it work the following rules needed:
Code: Select all
/ip firewall nat
add action=dst-nat chain=dstnat dst-address=255.255.255.255 dst-port=67 in-interface=all-ppp protocol=udp src-address=192.168.20.0/24 src-port=68 to-addresses='DHCP server IP here'
/ip firewall raw
add action=notrack chain=prerouting dst-address=192.168.20.0/24 dst-port=68 protocol=udp src-address='DHCP server IP here' src-port=67
And it totally works - the clients get their routes automatically like magic, no scripts nothing "it just works".
My question is: all this was a long time ago. Is there a way to achieve the same result but using just Mikrotik, and no external DHCP? Is there a way to do it in RouterOS 7?
Is there a way to do it somehow different from what I use?
Thank you!