Since I have finally established dynamic IPSec tunnel between two Mikrotik, I would like to know if anyone had any success doing dynamic IPSec tunnel with other vendor. We are in the process of replacing a lot of RV042 but would like to do so without replacing them all at once. Also bigger customers use Netscreen 25 appliances and we would like to keep them for the moment.
Reading the log on the Netscreen, I think MT uses its IP has PEER ID, that will cause issue when IP would be different.
Also, still looking to find usefull log on the IPSec from my Mikrotik side, is there something I should do or go to get more ifo on the connection status of my tunnel.
no, what I meant was an IPSec tunel from a dynamic, not reserved IP site to a fixed IP. But strangely I would also need to do multiple tunnel scenario, but can you just prioritized the routing table using metrics?
No because you can’t have 2 tunnels between 2 lans with the same policy (src and dst address)
You have to change it “dinamically” when some connection dies. (not sure but with netwatch and a script?) I’m new to routeros.