[Mikrotik] IPsec tunnel times out and does not re-establish

2016-10-25 Thread Roy, Jerry
All, Have an issue where two of three IPsec tunnels (two aes and one 3des) are not rebuilding and I have to manually login to "Kill connections" and then they rebuild. Originally we had adjusted the Policy level to be "Unique" based on recommendations from this list. It seems to have fixed the

Re: [Mikrotik] IPsec tunnel drops and requires flush

2016-05-26 Thread Alexander Neilson
Hi Jerry. I hadn't used IPSEC on 5.26 so I can't advise about any bugs back then that may now be fixed. Another thing is to never assume the other end doesn't also have bugs. The only time require vs unique should come into play would be when there were more than one subnet at one end of the

Re: [Mikrotik] IPsec tunnel drops and requires flush

2016-05-26 Thread Roy, Jerry
Hi Alexander, Thanks for the quick response. We are running 5.26 on all 750's and the firmware is 3.19. There is an initial tunnel that has been up on these boxes to a Juniper that never goes down. The tunnel to the Cisco was added months later and of course to different subnet. So I see the s

Re: [Mikrotik] IPsec tunnel drops and requires flush

2016-05-26 Thread Alexander Neilson
Hi Jerry I don't have specific experience with Cisco at the far end. However are there more than a single subnet at either end of the link? I have found that some other providers default to "unique" for SA's while the Mikrotik defaults to "require". This can mean that it fails to maintain the

[Mikrotik] IPsec tunnel drops and requires flush

2016-05-26 Thread Roy, Jerry
Hey all, Need your expertise. We have MikroTik 750's building IPsec tunnels using aes128 to a Cisco router. Our script initially brings up the tunnel via a ping (runs 3 pings every minute) and tunnel will run until the lifetime expires (I believe) but after it expires, it never rebuilds. We hav

[Mikrotik] Ipsec Main Mode with dynamic sites?

2015-07-30 Thread Roy, Jerry
All, Can main mode IPsec be used with sites that have dynamic IP assignments on a 750? (DHCP, PPPOE)? I haven't attempted yet and we have hundreds using aggressive but customer wants to migrate. Thanks! Jerry Roy Tolt Solutions -- next part -- An HTML attachment was scr

Re: [Mikrotik] IPSec Trouble

2014-04-08 Thread Rick Smith
what do you mean by split tunnel ? I've got the standard ip firewall rules in as rule 0 to allow all this back and forth traffic as un-masq'd. On Tue, Apr 8, 2014 at 4:01 PM, Jerry Roy wrote: > Look at your Nat if this is split tunnel. > > You should nat thru tunnel and masquerade to intern

Re: [Mikrotik] IPSec Trouble

2014-04-08 Thread Jerry Roy
Split tunnel means allow traffic destined to the other end to be encrypted and all the remaining traffic defined straight to the internet vs. single tunnel which all traffic is encrypted and sent thru the tunnel to the other side. After I looked at it, you do have split tunnel ;) *Jerry Roy* Sr. S

Re: [Mikrotik] IPSec Trouble

2014-04-08 Thread Jerry Roy
Look at your Nat if this is split tunnel. You should nat thru tunnel and masquerade to internet *Jerry Roy* Sr. Systems Engineer MTCNA/MTCRE/MTCTCE 1 949 681 5054 1 562 305 9545 Cell Unity Network Services *An iPass Company* 125 Technology Drive Suite 100 Irvine, CA 92618 On Tue, Apr 8,

Re: [Mikrotik] IPSec Trouble

2014-04-08 Thread Rick Smith
I get the point of initiating from the spoke to the hub... so, I killed / flushed ALL connections on both sides. Pinged from the spoke to the other side of the hub, and everything came up - remote peers, installed SA's, etc... but I can STILL see the individual packets... That's not good...

Re: [Mikrotik] IPSec Trouble

2014-04-08 Thread Jerry Roy
Working? :) *Jerry Roy* Sr. Systems Engineer MTCNA/MTCRE/MTCTCE 1 949 681 5054 1 562 305 9545 Cell Unity Network Services *An iPass Company* 125 Technology Drive Suite 100 Irvine, CA 92618 On Mon, Apr 7, 2014 at 11:26 AM, Rick Smith wrote: > Doylestown = Spoke side... > > Thanks jerry.

Re: [Mikrotik] IPSec Trouble

2014-04-07 Thread Rick Smith
Doylestown = Spoke side... Thanks jerry. On Mon, Apr 7, 2014 at 12:32 PM, Jerry Roy wrote: > send an export of the spoke side. > > Thanks > > *Jerry Roy* > -- next part -- > An HTML attachment was scrubbed... > URL: < > http://mail.butchevans.com/pipermail/mikrotik/atta

Re: [Mikrotik] IPSec Trouble

2014-04-07 Thread Jerry Roy
Looks like the attachment was scrubbed. email to j...@ipass.com, lets see if that will work :) *Jerry*

Re: [Mikrotik] IPSec Trouble

2014-04-07 Thread Jerry Roy
send an export of the spoke side. Thanks *Jerry Roy*

[Mikrotik] IPSec Trouble

2014-04-06 Thread Rick Smith
Guys, Trying to get some ipSEC stuff running here. We have a cloud router running in a datacenter with a public IP. I want remote site to site tunnels running with IPSec configs to tunnel remote offices here. Followed the Mikrotik Manual for IPSec Site to Site using the 192.168.80/.90 example,

Re: [Mikrotik] MikroTik IPSec/L2TP and RouterOS v6

2014-01-24 Thread Kristian Hoffmann
2.2.2, it won't work, and if you connect to 1.2.3.4, it does. We have a winner!!! Have to use the IP speaking OSPF or BGP in the direction of the client. That makes things interesting with 8 paths into router at the centrally located office. In the future, I will try to remember "MikroTi

Re: [Mikrotik] MikroTik IPSec/L2TP and RouterOS v6

2014-01-24 Thread Kristian Hoffmann
On 01/23/2014 11:58 PM, Butch Evans wrote: This is true if you set the "generate policy" option in the IPSec Peer. If you manually configure the policy, you define the source IP to be used as the "SA Src Address" field. While I haven't tried it, I would imagine that some creative policy rou

Re: [Mikrotik] MikroTik IPSec/L2TP and RouterOS v6

2014-01-23 Thread Butch Evans
On 01/24/2014 01:33 AM, Scott Lambert wrote: On Thu, Jan 23, 2014 at 11:09:16AM -0800, Kristian Hoffmann wrote: Not sure if this applies to your configuration, but I recently ran into the same symptom in two similar cases. The short version is, regardless of what the config and logs say, the IP

Re: [Mikrotik] MikroTik IPSec/L2TP and RouterOS v6

2014-01-23 Thread Scott Lambert
derlying point is the same. If the > remote endpoint connects to 2.2.2.2, it won't work, and if you connect > to 1.2.3.4, it does. We have a winner!!! Have to use the IP speaking OSPF or BGP in the direction of the client. That makes things interesting with 8 paths into rout

Re: [Mikrotik] MikroTik IPSec/L2TP and RouterOS v6

2014-01-23 Thread Kristian Hoffmann
Not sure if this applies to your configuration, but I recently ran into the same symptom in two similar cases. The short version is, regardless of what the config and logs say, the IPSec packets will have a source IP of the pref-src value for the route matching the IPSec endpoint. Example...

Re: [Mikrotik] MikroTik IPSec/L2TP and RouterOS v6

2014-01-22 Thread Rory McCann
I don't use L2TP so I can't provide much insight on your existing config. I did however follow this guide on a test router and was able to make the configuration work as expected: http://www.nasa-security.net/mikrotik/mikrotik-l2tp-with-ipsec/ I'm on 6.7, so this is current. Rory McCann MKAP T

[Mikrotik] MikroTik IPSec/L2TP and RouterOS v6

2014-01-21 Thread Scott Lambert
I apologize for the length of this e-mail. I didn't want to leave out any of the work I've already done trying to troubleshoot this. I really appreciate anyone willing to slog through it. I am having fits with my IPSec/L2TP VPNs I use to get into various places. Someone posted a recipe to thi

Re: [Mikrotik] IPsec issue

2013-06-26 Thread Josh Luthman
Sounds like the tunnel isn't up to me and the MT is pushing traffic. You could do a packet sniffer on the ethernet port that the IPSec is attempting on. Josh Luthman Office: 937-552-2340 Direct: 937-552-2343 1100 Wayne St Suite 1337 Troy, OH 45373 On Wed, Jun 26, 2013 at 2:31 PM, Jerry Roy wro

[Mikrotik] IPsec issue

2013-06-26 Thread Jerry Roy
Hi MT Guru's :) Need your input. Pulling what little hair I have left out on this one. We have 100 or so sites with MT750 IPsec tunnel back to a Juniper 5200. Four of these sites show IPsec SA's only showing traffic in incrementing in one direction (from MT to Juniper aggressive mode). The Juniper

Re: [Mikrotik] ipsec issue

2012-10-23 Thread Jerry Roy
I just realized this was not included. /ip ipsec proposal set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m name=default pfs-group=modp1024 add auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m name=juniper pfs-group=none /ip ipsec peer add

[Mikrotik] ipsec issue

2012-10-23 Thread Jerry Roy
All, We have an IPSec hub and spoke design. I have a 750GL (spoke) that is connected via IPsec back to a Juniper (Hub). I initiate the connection from the 750 and it creates a tunnel (2 SA's) and then I can ping to a device sitting behind the Juniper. If I try and ping back from the device behind

Re: [Mikrotik] IPSec Client

2012-08-27 Thread Jacob Heider
Generally, I do PPTP, but you should be able to do L2TP+IPSEC: http://wiki.mikrotik.com/wiki/MikroTik_RouterOS_and_Windows_XP_IPSec/L2TP TJ Burbank August 27, 2012 10:03 What does everybody use for IPSec Remote End User Client Software to terminate to a MikroTik Rou

[Mikrotik] IPSec Client

2012-08-27 Thread TJ Burbank
What does everybody use for IPSec Remote End User Client Software to terminate to a MikroTik Router? I do a lot of Branch Office setups (Tik to Tik) but have never done a Tik to Windows or Tik to Mac OSX setup. -TJ

Re: [Mikrotik] IPSec for mobile

2012-08-22 Thread Sim
> - Original Message - From: "Sim" > To: "Mikrotik discussions" > Sent: Wednesday, August 22, 2012 9:55 PM > > Subject: Re: [Mikrotik] IPSec for mobile > > >> Reduce latency? >> >> Contact your 3G/WiFi/Provider ;- >>

Re: [Mikrotik] IPSec for mobile

2012-08-22 Thread Meftah Tayeb
DUDE, local! *LOCAL* BACKBONE! is my own routers i'm simulating it here before i travel but latency is very HIGH :-P - Original Message - From: "Sim" To: "Mikrotik discussions" Sent: Wednesday, August 22, 2012 9:55 PM Subject: Re: [Mikrotik] IPSec for

Re: [Mikrotik] IPSec for mobile

2012-08-22 Thread Sim
inal Message - From: "Sim" > To: "Mikrotik discussions" > Sent: Wednesday, August 22, 2012 9:50 PM > > Subject: Re: [Mikrotik] IPSec for mobile > > >> For security reason L2TP isn't good. >> Ipsec + L2TP is the only way supported by iPhone (i

Re: [Mikrotik] IPSec for mobile

2012-08-22 Thread Meftah Tayeb
DUDE, you rock i'm connected to my VPN! but, but; even in a local network... i have latency of 130MS! :P anyway how can i reduce it please? thank you - Original Message - From: "Sim" To: "Mikrotik discussions" Sent: Wednesday, August 22, 2012 9:50 PM Subj

Re: [Mikrotik] IPSec for mobile

2012-08-22 Thread Sim
> i think it's working only L2TP. > > - Original Message - From: "Sim" > To: "Mikrotik discussions" > Sent: Wednesday, August 22, 2012 9:41 PM > > Subject: Re: [Mikrotik] IPSec for mobile > > >> The config posted in precedent emai

Re: [Mikrotik] IPSec for mobile

2012-08-22 Thread Meftah Tayeb
question, sim is l2tp itself alone good? i think it's working only L2TP. - Original Message - From: "Sim" To: "Mikrotik discussions" Sent: Wednesday, August 22, 2012 9:41 PM Subject: Re: [Mikrotik] IPSec for mobile The config posted in precedent email is

Re: [Mikrotik] IPSec for mobile

2012-08-22 Thread Sim
Name="Edge01-493-Alger" > 19:28:33 l2tp,debug,packet Vendor-Name="MikroTik" > 19:28:33 l2tp,debug,packet (M) Assigned-Tunnel-ID=2 > 19:28:33 l2tp,debug,packet (M) Receive-Window-Size=4 > [admin@Edge01-493-Alger] /ppp secret> > > > -

Re: [Mikrotik] IPSec for mobile

2012-08-22 Thread Meftah Tayeb
"MikroTik" 19:28:33 l2tp,debug,packet (M) Assigned-Tunnel-ID=2 19:28:33 l2tp,debug,packet (M) Receive-Window-Size=4 [admin@Edge01-493-Alger] /ppp secret> - Original Message - From: "Sim" To: "Mikrotik discussions" Sent: Wednesday, August 22, 2012

Re: [Mikrotik] IPSec for mobile

2012-08-22 Thread Sim
You can use "send all traffic" over iPhone or use the same internal IPs (with proxyarp) 2012/8/22 Ty Featherling : > How are the IP addresses at the end significant? That is the part I can't > wrap my head around with tunnels. I get that it will assign IPs to the > endpoints on the tunnel but are

Re: [Mikrotik] IPSec for mobile

2012-08-22 Thread Ty Featherling
How are the IP addresses at the end significant? That is the part I can't wrap my head around with tunnels. I get that it will assign IPs to the endpoints on the tunnel but are they just arbitrary, non-routable addresses? Is the iPhone in this case going to find itself attached to this router but w

Re: [Mikrotik] IPSec for mobile

2012-08-22 Thread Meftah Tayeb
thank you DUDE, shortly! - Original Message - From: "Sim" To: "Mikrotik discussions" Sent: Wednesday, August 22, 2012 4:44 PM Subject: Re: [Mikrotik] IPSec for mobile iPhone IPsec is for Cisco (see logo). Use L2TP+IPsec (first choice on your mobile device)

Re: [Mikrotik] IPSec for mobile

2012-08-22 Thread Sim
ns" > Sent: Wednesday, August 22, 2012 4:39 PM > Subject: Re: [Mikrotik] IPSec for mobile > > > >> Hi, this is that you need :-) >> >> # Server & Preshared (1234567abcdef) config >> /interface l2tp-server server set enabled=yes >> >> /ip

Re: [Mikrotik] IPSec for mobile

2012-08-22 Thread Meftah Tayeb
thank you a lot ! is L2TP required? or IPSec can work alone ? - Original Message - From: "Sim" To: "Mikrotik discussions" Sent: Wednesday, August 22, 2012 4:39 PM Subject: Re: [Mikrotik] IPSec for mobile Hi, this is that you need :-) # Server & Preshare

Re: [Mikrotik] IPSec for mobile

2012-08-22 Thread Sim
Hi, this is that you need :-) # Server & Preshared (1234567abcdef) config /interface l2tp-server server set enabled=yes /ip ipsec proposal set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des,aes-256 \ lifetime=30m name=default pfs-group=modp1024 /ip ipsec peer add addre

[Mikrotik] IPSec for mobile

2012-08-22 Thread Meftah Tayeb
hello folks i'm traveling these days and i'll love to be in my home network i have a iPhone4S i want to do IPSec or L2TP (no pptp) into my rb493G any idea please? IPSec look very complicated... no OpenVPN in iOs. no Jailbreak. thank you Meftah Tayeb IT Consulting http://www.tmvoip.com/ phone

[Mikrotik] Ipsec to Loopback Interface?

2012-08-21 Thread Jerry Roy
Hi all you Guru's :) I have a "hub and spoke" Ipsec VPN network. On the hub side is Juniper router. We have 900 Cisco 881 routers on the spoke side all with standard broadband links (pppoe, dhcp and static w/dsl, cable or wireless) connecting back to it. We have a loopback address assigned on each

[Mikrotik] Windows to MikroTik IPSec VPN Setup

2012-07-17 Thread david . sovereen
Hi guys, I normally use PPTP to set up Windows-to-Mikrotik VPN connections, but I have a customer who is insisting on IPSec. I've read the Manual/Wiki, but haven't been successful with this. If anyone has a working Windows XP/Vista/7-to-Mikrotik VPN setup using IPSec, I would really appreciate

Re: [Mikrotik] Mikrotik, IPSec VPN, UDP, VOIP

2012-07-13 Thread Meftah Tayeb
k discussions" Sent: Friday, July 13, 2012 2:33 PM Subject: Re: [Mikrotik] Mikrotik, IPSec VPN, UDP, VOIP Sure, any IP traffic inside any tunnel. 2012/7/13 Damai Oh, it is my mistake, it is OpenVPN that does not support UDP mode. So, if we are using OpenVPN, we can still using UDP/VOIP ins

Re: [Mikrotik] Mikrotik, IPSec VPN, UDP, VOIP

2012-07-13 Thread Chupaka
Sure, any IP traffic inside any tunnel. 2012/7/13 Damai > Oh, it is my mistake, it is OpenVPN that does not support UDP mode. > > So, if we are using OpenVPN, we can still using UDP/VOIP inside the tunnel? > > Thanks. > Anto > > Chupaka wrote: > >> Please give us a link. OpenVPN in RouterOS doe

Re: [Mikrotik] Mikrotik, IPSec VPN, UDP, VOIP

2012-07-12 Thread Damai
Oh, it is my mistake, it is OpenVPN that does not support UDP mode. So, if we are using OpenVPN, we can still using UDP/VOIP inside the tunnel? Thanks. Anto Chupaka wrote: Please give us a link. OpenVPN in RouterOS does not support UDP mode. I haven't heard about any such limitations in IPSec.

Re: [Mikrotik] Mikrotik, IPSec VPN, UDP, VOIP

2012-07-10 Thread Chupaka
Please give us a link. OpenVPN in RouterOS does not support UDP mode. I haven't heard about any such limitations in IPSec. And definitely it should not affect traffic inside the tunnel, so VoIP will work. 2012/7/9 Damai > Hi All, > > I've read that IPSec VPN in Mikrotik does not support UDP. >

[Mikrotik] Mikrotik, IPSec VPN, UDP, VOIP

2012-07-08 Thread Damai
Hi All, I've read that IPSec VPN in Mikrotik does not support UDP. So if we established the IPSec VPN connection with Mikrotik at any end, then we cannot do VOIP thru the tunnel, right? Please confirm. We are going to make IPSec connection between Mikrotik RB1100AH and Sonicwall. Thanks. Ant

Re: [Mikrotik] IPSEC over DSL issues

2011-06-07 Thread Dylan Bouterse
Thanks Tim! I'll try 1400 and see if that provides for a more stable tunnel. Dylan On Jun 6, 2011, at 7:39 PM, Tim Payne wrote: > I had to set my MTU's to 1400... Still a little flakey.. Good Luck.. > > -tp > On Jun 6, 2011, at 8:36 AM, Dylan Bouterse wrote: > >> I have an IPSEC tunnel that

Re: [Mikrotik] IPSEC over DSL issues

2011-06-06 Thread Tim Payne
I had to set my MTU's to 1400... Still a little flakey.. Good Luck.. -tp On Jun 6, 2011, at 8:36 AM, Dylan Bouterse wrote: > I have an IPSEC tunnel that has been giving us fits since we switched from a > Pix to a RB750. There is location A that is at the main office with a RB750 > (on a fiber u

[Mikrotik] IPSEC over DSL issues

2011-06-06 Thread Dylan Bouterse
I have an IPSEC tunnel that has been giving us fits since we switched from a Pix to a RB750. There is location A that is at the main office with a RB750 (on a fiber upstream) and the remote site on a RB750 using PPPOE over DSL. Both 750s are on 5.4 after upgrading due to various fixes. The tunnel

Re: [Mikrotik] IPSec Tunnel won't Form over Wireless Link

2010-11-16 Thread Keith Barber
't understand why it would matter. It is a cisco ezvpn setup that the client was using. So I don't know if it is all MT blame or some cisco as well. --Original Message-- To: Mikrotik discussions Subject: Re: [Mikrotik] IPSec Tunnel won't Form over Wireless Link Sent: Nov 10, 20

Re: [Mikrotik] IPSec Tunnel won't Form over Wireless Link

2010-11-10 Thread Keith Barber
ssage- From: "Keith Barber" Sender: mikrotik-boun...@mail.butchevans.com Date: Wed, 10 Nov 2010 22:41:36 To: Mikrotik discussions Reply-To: Mikrotik discussions Subject: Re: [Mikrotik] IPSec Tunnel won't Form over Wireless Link Alright I have some more information on this issue

Re: [Mikrotik] IPSec Tunnel won't Form over Wireless Link

2010-11-10 Thread Keith Barber
m my phone... -Original Message- From: "Keith Barber" Sender: mikrotik-boun...@mail.butchevans.com Date: Tue, 9 Nov 2010 12:08:42 To: mikrotik Reply-To: Mikrotik discussions Subject: [Mikrotik] IPSec Tunnel won't Form over Wireless Link Good afternoon everyone. I have a

[Mikrotik] IPSec Tunnel won't Form over Wireless Link

2010-11-09 Thread Keith Barber
Good afternoon everyone. I have a bit of problem for a big client that is trying to setup an IPsec tunnel to their corporate offices. The setup is as follows: CoreRouter -> L2Switch -> AP -> CPE The router and switch are strictly vlan. The same vlans are being handed out through th

Re: [Mikrotik] Ipsec behind NAT

2010-07-22 Thread Josh Luthman
I haven't heard of any special configuration to allow ipsec but I could be wrong. Did you check the mt forums? On Jul 22, 2010 10:07 PM, "Keith Barber" wrote: It's for a global company that I'm sure is super paranoid. But plan to ask if they can just do pptp in the am. -Keith- From my phon

Re: [Mikrotik] Ipsec behind NAT

2010-07-22 Thread Keith Barber
cussions Reply-To: Mikrotik discussions Subject: Re: [Mikrotik] Ipsec behind NAT Pptp is very easy. Can you do that? Windows has a built in client. On Jul 22, 2010 9:59 PM, "Keith Barber" wrote: Hey everyone, I need to have a pc behind my MT connect to an ipsec vpn. My MT is src-n

Re: [Mikrotik] Ipsec behind NAT

2010-07-22 Thread Josh Luthman
Pptp is very easy. Can you do that? Windows has a built in client. On Jul 22, 2010 9:59 PM, "Keith Barber" wrote: Hey everyone, I need to have a pc behind my MT connect to an ipsec vpn. My MT is src-nat'ing my internal network as my public ip. The error it always fails on is "negociating se

[Mikrotik] Ipsec behind NAT

2010-07-22 Thread Keith Barber
Hey everyone, I need to have a pc behind my MT connect to an ipsec vpn. My MT is src-nat'ing my internal network as my public ip. The error it always fails on is "negociating security policy". The client being used is Cisco VPN Client v5.0.01.0600. Tried doing some google research, and mos

Re: [Mikrotik] [IPsec and Cisco ASA]

2010-05-21 Thread Hilton J Ralphs
Thanks Kurt, whilst I don't have a Cisco box, your config helped me connect two Mikrotik routers together, something I was having a problem with. Thanks again. -- Regards Hilton 082.572.9619 -Original Message- From: mikrotik-boun...@mail.butchevans.com [mailto:mikrotik-boun...@mail.bu

Re: [Mikrotik] [IPsec and Cisco ASA]

2010-05-21 Thread Kurt Plaatjes
oops... My apologies that should be no. I was doing some other tests and disabled these rules. Thanks! PS: There is a known bug with IPSEC between Mikrotik to Cisco if you have multiple Peers. I managed to duplicate this exact bug... See: http://forum.mikrotik.com/viewtopic.php?f=2&t=39243

Re: [Mikrotik] [IPsec and Cisco ASA]

2010-05-21 Thread Casey Mills
Why are your "Firewall NAT" rules disabled? Casey On Fri, May 21, 2010 at 4:42 AM, Kurt Plaatjes wrote: > Details: > Local network: > > 10.10.0.0/16 > > Remote networks > > 172.16.70.0/24 > 172.16.71.0/24 > > Local Public IP: > > 195.10.10.20 > > Remote Public IP: > 202.10.10.20 > > > > /ip i

Re: [Mikrotik] [IPsec and Cisco ASA]

2010-05-21 Thread Kurt Plaatjes
Details: Local network: 10.10.0.0/16 Remote networks 172.16.70.0/24 172.16.71.0/24 Local Public IP: 195.10.10.20 Remote Public IP: 202.10.10.20 /ip ipsec proposal set default auth-algorithms=sha1 comment="" disabled=no enc-algorithms=\ aes-256 lifetime=1h name=default pfs-group=modp1536 /i

Re: [Mikrotik] [IPsec and Cisco ASA]

2010-05-21 Thread Josh Luthman
Great!!! I'd like to see it posted :) On 5/21/10, Kurt Plaatjes wrote: > Hey Guys > > After many sleepless hours we have managed to get ipsec running smoothly > between Mikrotik 4.9 and CISCO ASA. > I am glad to share configs if anyone is interested. > > Kurt > -- next part -

[Mikrotik] [IPsec and Cisco ASA]

2010-05-20 Thread Kurt Plaatjes
Hey Guys After many sleepless hours we have managed to get ipsec running smoothly between Mikrotik 4.9 and CISCO ASA. I am glad to share configs if anyone is interested. Kurt

[Mikrotik] IPSec Certificate Usage

2009-12-27 Thread Tim Payne
Is there a procedure for creating IPSec security certificates? I want to create and use certificates on an IPSec link as an exercise. So can anyone explain the proper way to create them and install them in a Tik box on each end. I currently have the IPSec link is up and running just fine usin

Re: [Mikrotik] IPSec

2008-06-23 Thread Kristian Hoffmann
kinda piss poor. > > > -- > Mike Hammett > Intelligent Computing Solutions > http://www.ics-il.com > > > - Original Message - > From: "Eric Holtzclaw" <[EMAIL PROTECTED]> > To: "Mikrotik discussions" > Sent: Monday, Jun

Re: [Mikrotik] IPSec

2008-06-23 Thread Mike Hammett
Solutions http://www.ics-il.com - Original Message - From: "Eric Holtzclaw" <[EMAIL PROTECTED]> To: "Mikrotik discussions" Sent: Monday, June 23, 2008 2:13 AM Subject: Re: [Mikrotik] IPSec Try keeping a ping session up on the inside and see if that stops

Re: [Mikrotik] IPSec

2008-06-23 Thread Eric Holtzclaw
Subject: Re: [Mikrotik] IPSec It started working, and then stopped again. [EMAIL PROTECTED] > /log print detail time=dec/31/1969 18:00:13 topics=system,info message="router rebooted" time=dec/31/1969 18:00:20 topics=ipsec,ike message="@(#) racoon / MikroTik" time=dec/

Re: [Mikrotik] IPSec

2008-06-22 Thread Mike Hammett
500]" time=16:43:08 topics=ipsec,ike message="none message must be encrypted" time=16:43:18 topics=ipsec,ike message="none message must be encrypted" time=16:43:28 topics=ipsec,ike message="none message must be encrypted" time=16:43:38 topics=ipsec,ike message=

Re: [Mikrotik] IPSec

2008-06-19 Thread Mike Hammett
l.com - Original Message - From: "Butch Evans" <[EMAIL PROTECTED]> To: "Mikrotik discussions" Sent: Saturday, June 14, 2008 7:07 PM Subject: Re: [Mikrotik] IPSec On Thu, 12 Jun 2008, Mike Hammett wrote: we're working with. The NIF wireless and everything behind

Re: [Mikrotik] IPSec

2008-06-19 Thread Mike Hammett
protocol=tcp to-addresses=192.168.1.4 to-ports=554-557 -- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: "Butch Evans" <[EMAIL PROTECTED]> To: "Mikrotik discussions" Sent: Saturday, June 14, 2008 7:07

Re: [Mikrotik] IPSec

2008-06-19 Thread Paul J. Benner, Jr.
ikrotik discussions" Sent: Thursday, June 19, 2008 11:22 AM Subject: Re: [Mikrotik] IPSec Mike, Does the IPSec tunnel encrypt any packets when you attempt to make a connection from one side to the other? Regards, Paul Mike Hammett wrote: Actually, the darn thing stopped workin

Re: [Mikrotik] IPSec

2008-06-19 Thread Mike Hammett
Where would I see that at? -- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: "Paul J. Benner, Jr." <[EMAIL PROTECTED]> To: "Mikrotik discussions" Sent: Thursday, June 19, 2008 11:22 AM Subject: Re

Re: [Mikrotik] IPSec

2008-06-19 Thread Paul J. Benner, Jr.
s -- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: "Mike Hammett" <[EMAIL PROTECTED]> To: "Mikrotik discussions" Sent: Saturday, June 07, 2008 11:49 AM Subject: Re: [Mikrotik] IPSec I had actually just go

Re: [Mikrotik] IPSec

2008-06-19 Thread Mike Hammett
To: "Mikrotik discussions" Sent: Saturday, June 07, 2008 11:49 AM Subject: Re: [Mikrotik] IPSec I had actually just gotten it fixed by trying the masquerade option before Butch told me to do masquerade. That said, I have attached a map of what we're working with. The NIF w

Re: [Mikrotik] IPSec

2008-06-14 Thread Butch Evans
On Thu, 12 Jun 2008, Mike Hammett wrote: we're working with. The NIF wireless and everything behind it cannot communicate with anything across the IPSec link, though everything else including and behind NIF router does. Everything including and behind NIF router can talk to everyone else on

Re: [Mikrotik] IPSec

2008-06-14 Thread Butch Evans
On Thu, 12 Jun 2008, Mike Hammett wrote: *bump* I haven't had opportunity to review the other documents you posted. I'll take a look tonight or tomorrow and see if this is one that is a "freebie" and contact you offlist with further information. -- *

Re: [Mikrotik] IPSec

2008-06-12 Thread Mike Hammett
*bump* -- Mike Hammett Intelligent Computing Solutions http://www.ics-il.com - Original Message - From: "Mike Hammett" <[EMAIL PROTECTED]> To: "Mikrotik discussions" Sent: Saturday, June 07, 2008 11:49 AM Subject: Re: [Mikrotik] IPSec I had act

Re: [Mikrotik] IPSec

2008-06-08 Thread Eric Holtzclaw
: [Mikrotik] IPSec So has anyone put together any step by step instructions on how to use IPSec? It has always been a pain in my backside. What options are there besides another Mikrotik on the client end? Software or hardware. Casey On 6/7/08, Mike Hammett <[EMAIL PROTECTED]> wrote: > I had

Re: [Mikrotik] IPSec

2008-06-08 Thread Butch Evans
On Sun, 8 Jun 2008, Casey Mills wrote: So has anyone put together any step by step instructions on how to use IPSec? It has always been a pain in my backside. What options are there besides another Mikrotik on the client end? Software or hardware. There are LOTs of options. As for a "ste

Re: [Mikrotik] IPSec

2008-06-08 Thread Casey Mills
- Original Message - > From: "Mike Hammett" <[EMAIL PROTECTED]> > To: "Mikrotik discussions" > Sent: Friday, June 06, 2008 11:33 PM > Subject: [Mikrotik] IPSec > > > > I'm trying to setup a 3.10 IPSec tunnel between two Mikrotiks. First o

Re: [Mikrotik] IPSec

2008-06-07 Thread Mike Hammett
t" <[EMAIL PROTECTED]> To: "Mikrotik discussions" Sent: Friday, June 06, 2008 11:33 PM Subject: [Mikrotik] IPSec > I'm trying to setup a 3.10 IPSec tunnel between two Mikrotiks. First off, > the manual isn't correct. I do exactly what they say and I get an

Re: [Mikrotik] IPSec

2008-06-07 Thread Mike Hammett
: "Butch Evans" <[EMAIL PROTECTED]> To: "Mikrotik discussions" Sent: Saturday, June 07, 2008 12:39 AM Subject: Re: [Mikrotik] IPSec On Fri, 6 Jun 2008, Mike Hammett wrote: I'm trying to setup a 3.10 IPSec tunnel between two Mikrotiks. First off, the manual isn

Re: [Mikrotik] IPSec

2008-06-07 Thread Butch Evans
On Fri, 6 Jun 2008, Mike Hammett wrote: I'm trying to setup a 3.10 IPSec tunnel between two Mikrotiks. First off, the manual isn't correct. I do exactly what they say and I get an error. As it turns out, you're also required to choose an AH In\Out Algorithm. It also doesn't explain things

[Mikrotik] IPSec

2008-06-06 Thread Mike Hammett
I'm trying to setup a 3.10 IPSec tunnel between two Mikrotiks. First off, the manual isn't correct. I do exactly what they say and I get an error. As it turns out, you're also required to choose an AH In\Out Algorithm. It also doesn't explain things well, like ah-spi. How do I know it's wor

Re: [Mikrotik] [MikroTik] IPSec Configuration Problems

2008-01-18 Thread Butch Evans
On Fri, 18 Jan 2008, Gene Spiker wrote: Other versions of IPSec on other systems that work off a menu such as winbox also build the interface and route. Mikrotik uses a POLICY to route the traffic...there is not a route (at least not one visible under "/ip route") for IPSEC traffic. In vers