OpenVPN between pfSense server and Mikrotik client

mguarienti

Hi everyone!

I configured a pfsense with openvpn server that receives connections from a mikrotik client. The settings are ok and mikrotik successfully connects to the pfsense server. I can access anything from mikrotik lan to pfsense lan but i can't access anything from pfsense lan to mikrotik lan.

my pfsense openvpn server conf:

dev ovpns1
verb 3
dev-type tun
dev-node /dev/tun1
writepid /var/run/openvpn_server1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto tcp4-server
auth SHA1
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 170.xx.xx.xx
tls-server
server 10.200.0.0 255.255.255.0
client-config-dir /var/etc/openvpn/server1/csc
ifconfig 10.200.0.1 10.200.0.2
tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'pfsense.xxxx.com' 1"
lport 1194
management /var/etc/openvpn/server1/sock unix
push "route 192.168.0.0 255.255.0.0"
remote-cert-tls client
route 192.168.1.0 255.255.255.0
capath /var/etc/openvpn/server1/ca
cert /var/etc/openvpn/server1/cert 
key /var/etc/openvpn/server1/key 
dh /etc/dh-parameters.2048
ncp-disable
cipher AES-256-CBC
allow-compression asym
topology subnet
inactive 300

where:

Tunnel network: 10.200.0.0/24
pfSense LAN: 192.168.0.0/16
Mikrotik LAN: 192.168.1.0/24

in client specific override, I added "iroute 192.168.1.0 255.255.255.0" in 'advanced' box (which is my lan on mikrotik's side)

IPv4 routing table:

openvpn connection status:

on the mikrotik side I made a masquerade rule to work the connection from there to the pfsense lan.

the most curious thing is that I can ping any host through the pfsense server to hosts on the mikrotik lan, but I can't from any host on the pfsense lan to the mikrotik lan:

any suggestion? something that needs to be done and forgot?
thank you very much in advance.