How to configure VPN client access from a different subnet office subnet?

Good day! The challenge is to move on Mikrotik VPN clients (L2TP) to a separate pool of addresses. Addressing the following:
The office is 192.168.88.0 \24
VPN clients - 192.168.1.0 \24
And like all good, was able to connect with the client, and it also prescribed the route to the network is 192.168.88.0 \24 -ping went to is 192.168.88.0 and 192.168.1.1 (the VPN gateway), the Mikrotik is also a route to the client, respectively, the ping is. But there is no access from the client to the resources of the office network (balls, other PC and etc). The question - why? Because the routes to the subnets defined.
June 5th 19 at 21:32
2 answers
June 5th 19 at 21:34
I suppose that you have a problem here:
https://ru.wikipedia.org/wiki/Proxy_ARP

Specifically to allow the bridge to broadcast addresses.
That I left out, but thank You for the reply. - alta.Grant23 commented on June 5th 19 at 21:37
June 5th 19 at 21:36
It is necessary NAT-ing. Or to register a reverse route on the balls, other PC. By the way what IP have the balls and the other PC? They are also in is 192.168.88.0/24 if so, there may be necessary to adjust faervol.
Yes, office computers and the balls in the same subnet 88.0\24. But there are certainly more elegant solution, because on each PC to use the firewall - somehow not comme Il faut. Interested in reason for the need of such actions, please explain if you can. - alta.Grant23 commented on June 5th 19 at 21:39
no access on multiple computers or on all? - alta.Grant23 commented on June 5th 19 at 21:42
all - Mikayla.Roh commented on June 5th 19 at 21:45
Mikrotik for these computers is the default gateway? - alta.Grant23 commented on June 5th 19 at 21:48
Yes, all default - Mikayla.Roh commented on June 5th 19 at 21:51
Hmm... I think I went faervol.
But to other computers as you connect? For RDP? - alta.Grant23 commented on June 5th 19 at 21:54
In General, the problem is most likely solved if you zanatti.
Add the rule to faervol Mikrotik that will mascarading traffic coming from subnet 192.168.1.0/24 is 192.168.88.0/24 - Mikayla.Roh commented on June 5th 19 at 21:57
Yes I haven't connected, only the pings checked his station. And then You hit me... because everything works on the RDP knocked on a couple of computers and 1C - order. and ping is. And in my PC no ping (Debian is). Something uncomfortable somehow happened... - Mikayla.Roh commented on June 5th 19 at 22:00
Well, OK. Write, if that. - alta.Grant23 commented on June 5th 19 at 22:03

Find more questions by tags Network routingMikrotik