We have the following setup which I need to get working:
- Location A:
- Subnet 1:
- Network: 192.168.1.0
- Mask: 255.255.255.0
- Default Gateway: 192.168.1.1
- Subnet 2:
- Network: 192.168.2.0
- Mask: 255.255.255.0
- Default Gateway: 192.168.2.1
- Subnet 1:
- Location B:
- Subnet 3:
- Network: 192.168.3.0
- Mask: 255.255.255.0
- Default Gateway: 192.168.3.1
- Subnet 3:
The default gateways of location A and B are connected via a VPN and ONLY route subnets 1 and 3. I cannot change the config of these gateways.
What I need to achieve is, that traffic going to a public subnet, e.g. 193.197.0.0 is routed through the default gateway of subnet 2.
What I did so far:
- I added a MikroTik router at location A and B which is configured as follows:
- Location A:
- IP: 192.168.1.254, 192.168.2.254
- Route: 193.197.0.0 -> 192.168.2.254
- Location B:
- IP: 192.168.3.254
- Location A:
Now, for location A and subnet 1 this works fine. However, I fail to setup the MikroTik at location 3 properly. I tried:
- Route: 193.197.0.0/12 -> 192.168.1.254 (that does not work)
- Setup IPIP-tunnel between the two MikroTik and route 193.197.0.0/12 -> (IPIP-tunnel)
Background: clients in subnet 1 and 3 need to access a certain website. However, the website can only be contacted through the gateway in subnet 2 (some high security stuff).
I'm pretty sure that this scenario can be solved with these routers but I need your help! Any ideas?
Best Answer
The above setup only works if additionally to the routes NAT is enabled and configured properly.
See source nat on the Mikrotik Wiki: https://wiki.mikrotik.com/wiki/Manual:IP/Firewall/NAT#Source_NAT