Hi, I have been using that kind of network topology.
The link between the two sites is a pure L2VPN and does not need a firewall and NAT. When I set up this option in the firewall on the router where the 192.168.254.0/24 clients reside:
config zone
    option name wan
    list network 'wan'
    list network 'wan6'
    option input ACCEPT
    option output ACCEPT
    option forward ACCEPT
    option masq 0
the Internet stops working and I cannot reach any user from network 192.168.0.0/24. When I set option masq 1, it starts working perfectly.
Yes, I have a route from the main router to the network where 192.168.254.0/24 resides.
From the second router I have a default route via the main router.
It's not completely clear what is L2VPN and what is public Internet there, but I'm guessing it is a routing problem.
Assuming that "PPPOE" is a connection to an upstream Internet provider, you need NAT for clients on either of your Class C networks at the router connected to "PPPOE". This should be able to be done at the PPPOE interface alone; no NAT on the router connected to the 192.168.254.0/24 network.
The two Class C networks should route to each other without NAT, assuming the proper routes are in place on both ends of your 10.10.10.0/30 tunnel.
Wireshark (or tcpdump) would be how I would debug the problem if it isn't obvious from the routing tables.
The Internet provider gave me a VLAN between the two sites; I called it L2VPN. The main router has a route to network 192.168.254.0/24, and the second router has a default gateway via the main router. It looks like this:
Second Router:
0.0.0.0/0 >> 10.10.10.2
If NAT is not used, the Internet and 192.168.0.0/24 are unreachable.
Main Router:
192.168.254.0 >> 10.10.10.1
0.0.0.0/0 >> PPPOE
NAT all private networks
While you have all the IP addresses in your head, we're all still guessing here. Without knowing what the addresses are on each interface of each router, and how that point-to-point tunnel is configured, everything is a guess.
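The routing tables posted in this thread, walked hop by hop in both the forward and the reply direction (an added example, not code from any poster). Assumptions: the router names `main` and `second`, the connected-network entries marked "assumed", and the sample host addresses are constructed; only the routes marked "posted" come from the thread.

```python
import ipaddress

# "posted" routes come from the thread; "assumed" ones are connected networks
# it never spells out. Next hop: a router name, "local" (attached LAN) or "pppoe".
TABLES = {
    "second": [
        ("192.168.254.0/24", "local"),   # assumed: LAN behind the second router
        ("0.0.0.0/0", "main"),           # posted: default via 10.10.10.2
    ],
    "main": [
        ("192.168.0.0/24", "local"),     # assumed: LAN behind the main router
        ("10.10.10.0/30", "second"),     # assumed: tunnel subnet, peer is second
        ("192.168.254.0/24", "second"),  # posted: via 10.10.10.1
        ("0.0.0.0/0", "pppoe"),          # posted: default via PPPoE
    ],
}
TUNNEL_ADDR = {"second": "10.10.10.1", "main": "10.10.10.2"}  # from posted next hops

def next_hop(router, dst, tables=TABLES):
    """Longest-prefix match; returns the next hop, or None if nothing matches."""
    best = None
    for prefix, hop in tables[router]:
        net = ipaddress.ip_network(prefix)
        if ipaddress.ip_address(dst) in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, hop)
    return best[1] if best else None

def trace(router, dst, tables=TABLES, max_hops=8):
    """Follow a packet until it is delivered, handed to the ISP, or lost."""
    path = [router]
    for _ in range(max_hops):
        if dst == TUNNEL_ADDR[router]:
            return path + ["local"]
        hop = next_hop(router, dst, tables)
        if hop in ("local", "pppoe", None):
            return path + [hop or "no-route"]
        path.append(hop)
        router = hop
    return path + ["loop"]

def round_trip(src_router, src_ip, dst_ip, tables=TABLES):
    """Forward path, then the reply path from the router that delivered it."""
    fwd = trace(src_router, dst_ip, tables)
    back = trace(fwd[-2], src_ip, tables) if fwd[-1] == "local" else None
    return fwd, back

def drop_route(router, prefix, tables=TABLES):
    """Copy of the tables with one route removed (models a missing return route)."""
    return {**tables, router: [r for r in tables[router] if r[0] != prefix]}
```

With the posted 192.168.254.0/24 route on the main router, `round_trip("second", "192.168.254.10", "192.168.0.20")` resolves in both directions; with that route dropped, the reply follows the default route to PPPoE, while a source masqueraded to 10.10.10.1 still resolves back through the tunnel.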