Mikrotik

How to connect a device on a network at a remote site to the office network?

There is a local area network in/on an abstract organization/building/site.



It is necessary to connect a device with minimal impact on the environment, which would be in the local network of the parent organization, as in the figure.



Neither the device nor the router through which it connects should ideally require any configuration on site (of course, they must be configured before being issued). They brought it, connected it, the connection was established, it worked. So far the presentation is:

The head office network uses VLAN100 for connected devices, VLAN200 for managing network equipment. The router of the parent organization has a white address. A router at a remote site connects to that site's LAN instead of (say) a computer. The computer connects to the specified port on the router and works as before. The required device is connected to another specified port of the router. Through the tunnel created by the router, this device connects to the local network of the parent organization VLAN100, receives an address from there via DHCP and works. The router itself is controlled from the parent organization, being in VLAN200.

So far, SSTP is considered as a tunnel (we believe that no measures need to be taken at the remote site to release SSL to the outside) and having the ability to authenticate using certificates.

So, how feasible is such a task, what are the pitfalls and / or better alternatives? Well, examples of RouterOS spells will also help a lot