Computer networks
Talyan, 2021-10-05 22:28:21

What's wrong with the routes? Or: VPN without src-nat?

Hey!
Initially the configuration was as follows:
Mikrotik:
BRIDGE_LAN: 192.168.0.1/24

On the same Mikrotik, an L2TP + IPsec server: 10.10.100.1
Pool: 10.10.100.101-254

And NAT:
/ip firewall nat add chain=srcnat action=src-nat src-address=10.10.100.0/24 dst-address=192.168.0.0/24 to-addresses=192.168.0.1

For L2TP clients:
ip route add 192.168.0.0/24 via 10.10.100.1

All L2TP clients can reach 192.168.0.0/24.

I thought it should be possible not to NAT them at all: remove the src-nat rule and set up forwarding instead:

/ip firewall filter
add action=accept chain=forward dst-address=192.168.0.0/24 src-address=10.10.100.0/24
add action=accept chain=forward dst-address=10.10.100.0/24 src-address=192.168.0.0/24


The L2TP clients already have a route to 192.168.0.0/24 via 10.10.100.1,
and all computers in 192.168.0.0/24 already have 192.168.0.1 as their default gateway.

But traffic (pings) does not pass in either direction.
No route to 10.10.100.0/24 is configured, since whenever an L2TP client connects to the Mikrotik, a /32 route to that client is created on the Mikrotik automatically.

That is, the gateway (the Mikrotik) itself can ping hosts on both sides.
Forwarding between the subnets is configured, and on both sides the gateway is the Mikrotik.

What have I missed? Why don't the hosts respond? src-nat is not necessary in this situation, right?

I thought maybe IPsec was tunnelling things in some tricky way and that was the cause, but I disabled IPsec and nothing changed.


1 answer(s)
Ruslan Fedoseev (@martin74ua), 2021-10-06

Check the routing table on the client with the VPN up: does the route to the desired network go through the VPN?
Check your firewall on Mikrotik.
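The NAT-free layout the question describes, together with the "check your firewall on Mikrotik" step from the answer, as an added RouterOS example. This is not configuration from the original question or answer. The addresses are the ones from the question (LAN 192.168.0.0/24 behind 192.168.0.1, L2TP local address 10.10.100.1, pool 10.10.100.101-254); the existence of the default-config interface list `LAN`, a trailing `action=drop` rule in `chain=forward`, and the use of the `all-ppp` pseudo-interface for the dynamic L2TP interfaces are assumptions. One practical consequence of dropping the src-nat is worth keeping in mind: LAN hosts now see the real 10.10.100.x source address and must reply via their default gateway, so any per-host firewall whose rules are scoped to the local subnet has to allow that range as well.

```routeros
# Added example, not code from the original question or answer.
# Assumptions (not stated on the page): the default-config interface list "LAN"
# exists, the forward chain ends in an action=drop rule, and L2TP clients arrive
# on dynamic ppp interfaces covered by the "all-ppp" pseudo-interface.
# Addresses are the ones from the question: LAN 192.168.0.0/24 behind 192.168.0.1,
# L2TP local address 10.10.100.1, client pool 10.10.100.101-254.

# 1. Remove the src-nat that hid VPN clients behind 192.168.0.1. Without it,
#    LAN hosts see the real 10.10.100.x source and reply via their default gateway,
#    which is the Mikrotik, so plain routing is enough.
/ip firewall nat
remove [find chain=srcnat action=src-nat src-address=10.10.100.0/24 dst-address=192.168.0.0/24]

# 2. Treat the dynamic L2TP/PPP interfaces as inside interfaces, so any existing
#    rules keyed on in-interface-list=LAN apply to VPN clients as well.
/interface list member
add list=LAN interface=all-ppp comment="L2TP clients are inside"

# 3. Forward rules. The filter is evaluated top to bottom and the first match wins,
#    so an accept appended below an existing drop never sees traffic. Each accept is
#    therefore inserted before the first drop in chain=forward, not at the end.
#    ([find ...]->0) picks the first matching rule id when find returns several.
/ip firewall filter
add chain=forward action=accept connection-state=established,related \
    comment="vpn<->lan replies" place-before=([find chain=forward action=drop]->0)
add chain=forward action=accept src-address=10.10.100.0/24 dst-address=192.168.0.0/24 \
    comment="vpn->lan" place-before=([find chain=forward action=drop]->0)
add chain=forward action=accept src-address=192.168.0.0/24 dst-address=10.10.100.0/24 \
    comment="lan->vpn" place-before=([find chain=forward action=drop]->0)

# 4. Checks to run while a VPN client pings a LAN host.
#    The packet/byte counters on the three rules above should grow. If they stay
#    at zero, the packets never reach these rules: either routing on the client
#    sends them elsewhere, or an earlier rule in chain=forward already matched.
/ip firewall filter print stats where comment~"vpn"
#    A tracked ICMP connection whose reply counters stay at zero means the router
#    forwarded the echo request but the LAN host never answered, which points at
#    the host (or its own firewall) rather than at the Mikrotik.
/ip firewall connection print where protocol=icmp
```

Paste the commands into a terminal session or save them as an .rsc file for `/import`. Run step 4 from a second terminal while the ping is running; the counters and the connection table tell you whether the problem is on the router or on the end hosts before you start guessing at IPsec.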
