Community discussions

MikroTik App
 
jsotech
just joined
Topic Author
Posts: 2
Joined: Thu Jun 21, 2012 9:49 pm

Routing over IPSec on bonded DSL

Thu Jun 21, 2012 10:17 pm

Hello,
I'm having an issue, I can't find an answer to, so I'm here posting it.

I have a Mikrotik 750 that is being used as a dual channel DSL bond. (two DSL modems running as one)
The device is also out client gateway to the net.

I'm trying to setup a IPSec connection between this site and another site.
I actually have the connection established as I can from site A ping anything at site B.

Site A = DFL 210 - 192.1.1.0/24
Site B = MikroTik 750 - 192.168.88.0/24

Site A and B have IPSec initiated and the connection shows up at both ends.

I can ping all LAN devices AT site B from site A using their IP addresses.
I can NOT ping anything AT site A from site B using any method.
It's strange to me because I've done a similar thing before and there is no rhyme or reason why I can't ping.

Does anyone on here have any knowledge of routing on the MikroTik to allow me to ping devices at site A?

thanks for any direction towards resolve.
JSOTech
 
jsotech
just joined
Topic Author
Posts: 2
Joined: Thu Jun 21, 2012 9:49 pm

Re: Routing over IPSec on bonded DSL

Tue Jun 26, 2012 6:50 pm

Anyone know anything about routing?
 
tombee79
Member Candidate
Member Candidate
Posts: 246
Joined: Sun May 09, 2010 2:28 am

Re: Routing over IPSec on bonded DSL

Wed Jun 27, 2012 8:34 pm

HI


Try to do it with 1 line on dsl. And once that work try with 2. If it doesnt work the problem is with using 2 lines.

I hoped that can help a bit.
 
syadnom
Forum Veteran
Forum Veteran
Posts: 794
Joined: Thu Jan 27, 2011 7:29 am

Re: Routing over IPSec on bonded DSL

Thu Jun 28, 2012 12:31 am

What is a DFL 210?

Also, you are unclear on the bonding. Is this vendor operated bonding so both DSL appear as a single interface? Or is this two separate DSL lines.


I'm not a big fan of the policy based ipsec in routeros. I would instead to transport mode between SiteA DSL1 ip and SiteB DSL1 ip, same with SiteA DSL2 ip and SiteB DSL2 ip, then do a tunnel of some sort, like an ipip or eoip. Then you can do standard routing across the tunnel interfaces.

I like IPIP tunnels over ipsec best, low overhead and you can specify the local and remote ip so you dont have to do any fancy routing for your wan interface.
 
syadnom
Forum Veteran
Forum Veteran
Posts: 794
Joined: Thu Jan 27, 2011 7:29 am

Re: Routing over IPSec on bonded DSL

Thu Jun 28, 2012 12:41 am

oh, lost my train of though. EoIP tunnels can be used in a layer2 bond. You can do a bond-rr for increased capacity and auto failover.

Who is online

Users browsing this forum: No registered users and 17 guests