
The main purpose is remote access to the local network (video surveillance, smart home).

Input data: a MikroTik router and a server at DigitalOcean.

Since MikroTik only knows how to work with an OpenVPN server by login and password, I decided to run 2 OpenVPN servers:

  1. /etc/openvpn/server-mikrotik.conf:
...
server 10.0.1.0 255.255.255.0
route 192.168.88.0 255.255.255.0 10.0.1.2
route 192.168.1.0 255.255.255.0 10.0.1.2
...
  • /etc/openvpn/ccd/mikrotik:
ifconfig-push 10.0.1.2 255.255.255.0
iroute 192.168.88.0 255.255.255.0
iroute 192.168.1.0 255.255.255.0
  2. /etc/openvpn/server.conf:
...
server 10.0.2.0 255.255.255.0

push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 1.1.1.1"
...

The problem is: a client connected to server 2 can ping both OpenVPN servers, but cannot ping clients of server 1. The client-to-client setting is disabled (to use the host route table); it isn't working with it enabled though.

From the DO droplet I can ping any machine within the 192.168.*.* networks. Route table:

# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         **masked**      0.0.0.0         UG    0      0        0 eth0
10.0.1.0        10.0.1.2        255.255.255.0   UG    0      0        0 tun1
10.0.1.2        0.0.0.0         255.255.255.255 UH    0      0        0 tun1
10.0.2.0        10.0.2.2        255.255.255.0   UG    0      0        0 tun0
10.0.2.2        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
10.18.0.0       0.0.0.0         255.255.0.0     U     0      0        0 eth0
178.62.192.0    0.0.0.0         255.255.192.0   U     0      0        0 eth0
192.168.1.0     10.0.1.2        255.255.255.0   UG    0      0        0 tun1
192.168.88.0    10.0.1.2        255.255.255.0   UG    0      0        0 tun1

poor visualization
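
Added example (not part of the original post): a longest-prefix-match lookup over the routing table quoted in the question, showing which interface the droplet would pick for each direction of a flow between a server-2 client and a LAN host. The addresses 10.0.2.6 and 192.168.88.10 are constructed samples, and the function names are this example's own.

```python
import ipaddress

# Routing table as quoted in the question (the default gateway is masked there).
ROUTE_OUTPUT = """\
default         **masked**      0.0.0.0         UG    0      0        0 eth0
10.0.1.0        10.0.1.2        255.255.255.0   UG    0      0        0 tun1
10.0.1.2        0.0.0.0         255.255.255.255 UH    0      0        0 tun1
10.0.2.0        10.0.2.2        255.255.255.0   UG    0      0        0 tun0
10.0.2.2        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
10.18.0.0       0.0.0.0         255.255.0.0     U     0      0        0 eth0
178.62.192.0    0.0.0.0         255.255.192.0   U     0      0        0 eth0
192.168.1.0     10.0.1.2        255.255.255.0   UG    0      0        0 tun1
192.168.88.0    10.0.1.2        255.255.255.0   UG    0      0        0 tun1
"""

def parse_routes(text):
    """Return (network, gateway, iface) tuples from `route` output rows."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8:
            continue  # skip anything that is not a full route row
        dest = "0.0.0.0/0" if f[0] == "default" else f"{f[0]}/{f[2]}"
        routes.append((ipaddress.ip_network(dest), f[1], f[7]))
    return routes

def egress(routes, addr):
    """Longest-prefix match: the interface the kernel would pick for addr."""
    ip = ipaddress.ip_address(addr)
    matches = [r for r in routes if ip in r[0]]
    if not matches:
        return None
    return max(matches, key=lambda r: r[0].prefixlen)[2]

def flow(routes, client, lan_host):
    """Interfaces used on the droplet for both directions of one flow."""
    return {"to_lan": egress(routes, lan_host),
            "to_client": egress(routes, client)}

ROUTES = parse_routes(ROUTE_OUTPUT)

if __name__ == "__main__":
    # Constructed sample addresses: a server-2 client and a host on the LAN.
    print(flow(ROUTES, "10.0.2.6", "192.168.88.10"))
```

Both directions resolve on the droplet, so this table alone does not account for the failure; `net.ipv4.ip_forward`, FORWARD firewall rules between tun0 and tun1, and the MikroTik's own route back to 10.0.2.0/24 are outside what it shows.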
