VPN

How to forward VPN clients to the local network?

Good day. Such a problem - you need to organize a vpn channel between a remote server (CentOS) and the office. That is, the client must enter the external IP of the server and get into the internal office network via vpn.
The tunnel is up via PPTP, everything is fine, the router (Mikrotik) and the vpn server see each other. Nat rules have been added to iptables.
However, nothing is visible further than Mikrotik (although Mikrotik itself sees the LAN). Mikrotik creates the dynamic route to the vpn server itself, and sees it.
iptables config:

*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
-I PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 192.168.0.10
COMMIT
#
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 1723 -j ACCEPT
-A INPUT -i eth0 -p gre -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p gre -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
-A FORWARD -i ppp+ -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o ppp+ -j ACCEPT
-A FORWARD -i ppp+ -o ppp+ -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Static route added:
192.168.0.1/24 via 192.168.40.2 dev ppp0
Tell me where to dig - does iptables need to be configured, or is there trouble in Mikrotik?