Why there is no VPN connection between networks without NAT masquerade?

Hello, the question seems simple, but I can not understand.
Here's an example network diagram
The router And the client
Router B server

The router And gets an ip address
In the chain one NAT rule masquerading on public interface for Internet access.
In this configuration, router A pings router B. Computers behind a router And can't ping router B.

After adding the router And masquerade NAT rules on the VPN interface, computers behind a router And already can ping the router B.

Why is it necessary to do masquerade on the VPN interface for access to network B ?
Why not fire marshrutizatora ? Think private addresses should be routable ?
April 19th 20 at 12:10
3 answers
April 19th 20 at 12:12
In such a situation you need site-to-site vpn.
Cars for router B have no idea where to look for cars from
Accordingly, the addresses on the end points of the VPN tunnel is needed, for correct routing, not from the same subnets, i.e. not and not
Cars for router B have no idea where to look for cars from

OK, that's understandable. But then the packets should go to the gateway (gateway of last resort), and the router knows all the routes. Isn't that right? - Kelsi_Daugherty commented on April 19th 20 at 12:15
Further, all high-level:
For computer default gateway is, logical?
Now the computer is wants to send a request (or reply) to computer
He sees that the computer is not in his stream is the domain and sends the packet to the router
The router is - looks who ever is responsible for
Finds the network and sends it to your default gateway. I don't know what scheme it is not.
Then the answer is no, it was all over. - Angelita61 commented on April 19th 20 at 12:18
@Angelita61, isolation. Thank you. Now everything is clear. Added route on Router B and it worked without a masquerade. - Kelsi_Daugherty commented on April 19th 20 at 12:21
April 19th 20 at 12:14
April 19th 20 at 12:16
Why not? Is.
Use routing instead of NAT and all.

If you don't need Internet access this is done without any problems.
If I want to access the Internet, all addresses must be white (routed on the Internet)

NAT is used only when you need to organize access to the interent network with private (gray) addresses, because these addresses are not routed in the global network.

Find more questions by tags MikrotikComputer networks