I've manged to build IPsec site-to-site tunnel between Mikrotik CHR which hosted in some Europe datacenter and Fortigate 100F which hosted in my company HQ. Our Fortigate is behind double NAT (4G/LTE router's NAT and CGNAT of mobile operator) and it could dialup to Mikrotik CHR and I have good connection, both LAN's are working proper way and reach each other without any problem.
Now I have another task, is it possible to get inbound traffic from my WAN and then forward it to the server related to the other side of IPsec tunnel (it is web interface of Fortigate device which offer RDP and other services).
But it'll be better if it would be possible to get incoming Fortigate VPN-clients traffic from the WAN of Mkirotik CHR and then send them through IPsec tunnel to the interface of Fortigate which is receiving SSL-VPN clients traffic on the other side of IPsec tunnel. Long story short, is there any way to wrap SSL-VPN traffic to established IPsec tunnel, tunnel connection inside tunnel connection.
Thanks a lot beforehand!