1
I've built an IPsec site-to-site VPN between a Mikrotik router and a Watchguard firewall. Everything works fine; only one thing is left:
I'd like to route all the traffic from the Mikrotik over the Watchguard (because on the Watchguard there are some website filtering rules and I want to apply these user restrictions on the Mikrotik site as well).
How can I do it? Or where do I need to set this up?
1
You probably just need to set up the routing rules in the Mikrotik router to forward all traffic through its VPN tunnel and ensure the machines there or the gateway device (if it's different) send over to the Mikrotik router. Have you looked over the documentation to see how to direct all Mikrotik traffic through a site VPN tunnel?
– Pimp Juice IT – 2018-04-09T14:55:16.773
Hello,
Thank you very much for your reply :) I have checked the link that you've shared and things are getting clearer now :) But I still don't know exactly how I can do it. I created a simple drawing of my network. Would you be so kind as to check it and share your thoughts about it? :)
https://pasteboard.co/Hg70OCq.png
Thanks :)
I'm not too familiar with the Mikrotik router, but just as you have the site VPN set up and tested to confirm that you can get from site to site, can you not set other routing rules to route all traffic through the tunnel from the 172.16.22.0/24 subnet? I've never done this personally like that, but I would think it's possible by simply changing some routes, the default gateway the routes use, or something along those lines. Since you set up the site VPN and configured the router, I thought maybe the documentation would give you some more specific pointers about this functionality. – Pimp Juice IT – 2018-04-11T13:03:20.313
Thanks for your reply again :) Yep, I think the same; my first idea was "oh, just create a rule pointing to the peer as a gateway." But the problem is that when I create this rule and put the remote peer as a gateway I get an "unreachable" message. I have only 2 interfaces on the Mikrotik: Eth1 (WAN) and Eth2 (LAN). So there is no tunnel interface. In this case, if I configure Eth1 as the gateway for 172.16.22.0/24 it will go directly to the internet. If I configure the peer WAN IP as the gateway it gives me an unreachable message and that rule will be disabled. So I don't have any other idea... – Csipi – 2018-04-11T14:53:48.123
Maybe create the VPN again using a GRE tunnel, and after that I think I can easily choose the GRE tunnel as a gateway... I don't know... but cheers for your help :) I owe you a beer ;) – Csipi – 2018-04-11T14:54:44.147
Just to ensure nothing simple is being overlooked, confirm that all the traffic coming into the WG FW is also allowed to go through the tunnel on that side. – Pimp Juice IT – 2018-04-11T15:02:40.550
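The thread stops short of a configuration, so here is an added example (not from the original question or comments) of how the "no tunnel interface" problem described above is normally handled on a MikroTik with a policy-based IPsec tunnel: the IPsec policy selector, not a route, decides what enters the tunnel, so the fix is to widen the policy's destination to 0.0.0.0/0 rather than to point a route at the peer. The example assumes RouterOS 6.x with the pre-6.45 `sa-src-address`/`sa-dst-address` policy syntax (newer releases reference a `peer=` instead), that the WAN port is `ether1`, that the default masquerade rule already exists in `/ip firewall nat`, and that the WatchGuard BOVPN has a matching policy with 0.0.0.0/0 as the remote network and allows tunnel traffic out to the internet (the point raised in the last comment). `<MIKROTIK_WAN_IP>`, `<WATCHGUARD_WAN_IP>` and `<ISP_GATEWAY_IP>` are placeholders to replace with your own addresses.

```routeros
# Added example, not the thread's own configuration.
# Goal: send everything from the 172.16.22.0/24 LAN through the existing IPsec tunnel
# so the WatchGuard's web filtering applies to this site too.
# Assumptions: RouterOS 6.x (pre-6.45 policy syntax), WAN = ether1,
# <MIKROTIK_WAN_IP> / <WATCHGUARD_WAN_IP> / <ISP_GATEWAY_IP> are placeholders.

# 1. A policy-based tunnel has no interface to use as a gateway; the IPsec policy
#    itself is the "route". Replace the remote-LAN selector with 0.0.0.0/0.
/ip ipsec policy
add src-address=172.16.22.0/24 src-port=any dst-address=0.0.0.0/0 dst-port=any \
    protocol=all action=encrypt level=require ipsec-protocols=esp tunnel=yes \
    sa-src-address=<MIKROTIK_WAN_IP> sa-dst-address=<WATCHGUARD_WAN_IP> \
    proposal=default comment="all LAN traffic -> WatchGuard"

# 2. Packets that will be encrypted must not be masqueraded first, otherwise their
#    source becomes the WAN address and no longer matches the policy selector.
#    place-before=0 puts this accept above the existing masquerade rule.
/ip firewall nat
add chain=srcnat action=accept src-address=172.16.22.0/24 ipsec-policy=out,ipsec \
    comment="do not NAT traffic entering the IPsec tunnel" place-before=0

# 3. Fail closed: if the policy is disabled or does not match, LAN traffic must not
#    silently leave unencrypted on ether1 and bypass the WatchGuard filtering.
#    place-before=0 keeps it above any broad "accept from LAN" forward rule.
/ip firewall filter
add chain=forward src-address=172.16.22.0/24 out-interface=ether1 \
    ipsec-policy=out,none action=drop \
    comment="drop LAN traffic that would leave outside the tunnel" place-before=0

# 4. Keep the normal default route: the router itself still needs it to deliver the
#    ESP packets to the WatchGuard's public address. The policy overrides it for LAN
#    traffic, so nothing here points a route at the peer (the "unreachable" attempt).
/ip route
add dst-address=0.0.0.0/0 gateway=<ISP_GATEWAY_IP> comment="WAN default route"
```

After applying this, check `/ip ipsec installed-sa print` for an active SA and `/ip firewall nat print stats` / `/ip firewall filter print stats` to confirm LAN packets hit the accept-before-masquerade rule and that the drop counter stays at zero while the tunnel is up; a rising drop counter is the signal that traffic would otherwise have leaked straight to the internet.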