I'm currently managing multiple Mikrotiks at my client locations using OpenVPN. I set up OVPN on each Mikrotik router, edit the .ovpn config with the
Code: Select all
"route 192.168.0.0 255.255.255.0 10.8.0.1"
This worked well for me but the number of managed devices increased and it's not feasible anymore. My Mikrotiks are also most of the time behind ISP ONTs on wich I have to either port forward or set up in bridge mode so I can get in from my side. This is not a good ideea anymore because of OTA updates on those ONTs, CGNAT, replacements by the ISP, etc so I need a solution to make the client's device call home to my VPN server.
I do have several Mikrotik devices at my office that I can use as a VPN server and also some VPSes.
I'm stuck at how to configure the routes for the VPN client>server so I can access the client's subnet because these subnets overlap, for example I have multiple clients that use 192.168.0.0/24. I know NAT can be used but I have not reached.
I was thinking of using SSTP on the Mikrotiks to call home to my VPN server over port 443. I would then connect to the VPN server myself and access the client's LAN and\or Mikrotik router. But how would I resolve the issue with overlapping subnets?