SSH

How to open access to ssh, winbox and web Mikrotik router via VPN?

Greetings colleagues!
I made the Internet in a country mansion using a Megafon M150 modem and 4 Mikrotiks (RB750 and 3 RB951Ui). I use 951 as wifi points on floors in CAPsMan, at 750 everything else is getway, dhcp, vpn, capsman controller, etc. I
raised VPN over LTE connection, since there are IP cameras in the house and I would like to watch them. Through the VPN, the registrar launched, and also launched 3 IP routers 192.168.88.2...3...4 so that it would be possible to remotely connect via ssh, winbox and web. This is how the config turned out:
I forward the 9003,9004,9005 port to the SSH, Winbox, Web ports of the router 192.168.88.2 (I did the same for 88.3 and 88.4, only the ports were 9006.9007, etc.)

/ip firewall nat
add action=netmap chain=dstnat dst-port=9003 in-interface=VPN protocol=tcp to-addresses=192.168.88.2 to-ports=80
add action=netmap chain=dstnat dst-port=9004 in-interface=VPN protocol=tcp to-addresses=192.168.88.2 to-ports=8291
add action=netmap chain=dstnat dst-port=9005 in-interface=VPN protocol=tcp to-addresses=192.168.88.2 to-ports=22

Labeled packages

/ip firewall mangle
add action=mark-routing chain=prerouting new-routing-mark=VPN src-address-list=DVR

I added routers and a registrar to the address sheet like this:

/ip firewall address-list
add address=192.168.88.250 list=DVR
add address=192.168.88.2 list=DVR
add address=192.168.88.3 list=DVR
add address=192.168.88.4 list=DVR

Well, I wrote down the itinerary.

/ip route
add distance=1 gateway=VPN routing-mark=VPN

Everything worked great. But I’ve been fighting all day: how can I also let the main router 192.168.88.1 through the VPN? I tried to add it to the address of the DVR list, but nothing happens.
ps I use VPN purely to connect to devices from outside. All other clients go to the Internet through the lte1 interface, for this default rote I have an lte modem interface.