failure: The policy is invalid

sdglg · February 14, 2012, 10:04am

RB450G, v5.9:

/ip ipsec policy> add src-address=192.168.200.0/24 src-port=any dst-address=192.168.77.0/24 dst-port=any sa-src-address=192.168.66.4 sa-dst-address=192.168.67.236 tunne
l=yes action=encrypt proposal=default protocol=all
failure: The policy is invalid

/ip ipsec policy add src-address=192.168.200.0/24 dst-address=192.168.77.0/24 action=encrypt tunnel=yes sa-src=192.168.66.4 sa-dst=192.168.67.236
failure: The policy is invalid

Why can’t I add this ipsec policy, any suggestion?

vik1988 · February 18, 2012, 5:13am

/ip ipsec policy add src-address=192.168.200.0/24 dst-address=192.168.77.0/24 action=encrypt tunnel=yes sa-src=192.168.66.4 sa-dst=192.168.67.236

i just copied this on my Mikrotik router. and it is added..

chk this

0 src-address=192.168.200.0/24 src-port=any dst-address=192.168.77.0/24 
     dst-port=any protocol=all action=encrypt level=require ipsec-protocols=esp 
     tunnel=yes sa-src-address=192.168.66.4 sa-dst-address=192.168.67.236 
     proposal=default priority=0