I have a remote subnet 172.16.200.0/24 and a local subnet of 10.10.0.0/24 vpn is running on 192.168.89.0/24 mikrotik on site B reach 172.16.200.254 remote device, but devices on its local subnet 10.10.0.0/24 doesnt reach 172.16.200.254. here is my config so far i ran out of ideas any help would be appreciate :
SITE B
# 2024-04-10 20:19:13 by RouterOS 7.14.1
# software id = B28I-S5FL
#
# model = RB750Gr3
# serial number = HDD087Q1X3P
/interface bridge
add name=bridge1
/interface l2tp-client
add connect-to=XXX.XXX.X.X disabled=no name=SEDE use-ipsec=yes user=vpn
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
/ip pool
add name=dhcp_pool0 ranges=10.10.0.2-10.10.0.254
/ip dhcp-server
add address-pool=dhcp_pool0 interface=bridge1 name=dhcp1
/interface bridge port
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
/ip address
add address=10.10.0.1/24 interface=bridge1 network=10.10.0.0
/ip dhcp-client
add interface=ether1
/ip dhcp-server network
add address=10.10.0.0/24 gateway=10.10.0.1
/ip firewall nat
add action=masquerade chain=srcnat ipsec-policy=out,none out-interface=ether1
/ip route
add disabled=no distance=1 dst-address=172.16.200.0/24 gateway=SEDE pref-src="" routing-table=main scope=10 suppress-hw-offload=no target-scope=10
SITE A
# 2024-04-10 20:21:12 by RouterOS 7.12.1
# software id = T4KY-EQBA
#
# model = RB4011iGS+
# serial number = HFF090FV8GM
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=vpn ranges=192.168.89.2-192.168.89.255
/port
set 0 name=serial0
set 1 name=serial1
/ppp profile
set *FFFFFFFE local-address=192.168.89.1 remote-address=vpn
/interface l2tp-server server
set enabled=yes use-ipsec=yes
/interface list member
add interface=ether1 list=WAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=ether6 list=LAN
add interface=ether7 list=LAN
add interface=ether8 list=LAN
add interface=ether9 list=LAN
add interface=ether10 list=LAN
add interface=sfp-sfpplus1 list=LAN
/ip address
add address=10.0.0.254/24 interface=ether1 network=10.0.0.0
add address=172.16.200.252/24 interface=ether2 network=172.16.200.0
/ip cloud
set ddns-enabled=yes ddns-update-interval=1m
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
add action=masquerade chain=srcnat comment="masq. vpn traffic" src-address=192.168.89.0/24
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=10.0.0.1 routing-table=main suppress-hw-offload=no
/ppp secret
add name=vpn