Does anyone can help me with real example of MT box side?
I want to connect to LAN (inside network) by Cisco VPN client (or other VPN client).
The only one thing that I understand now is that I need to create peer (0.0.0.0)
[admin@MikroTik] > ip ipsec peer print
Flags: X - disabled
0 address=0.0.0.0/32:500 auth-method=pre-shared-key secret=“key1”
generate-policy=yes exchange-mode=main send-initial-contact=yes
nat-traversal=yes proposal-check=obey hash-algorithm=sha1
enc-algorithm=3des dh-group=modp1024 lifetime=1d lifebytes=0
[admin@MikroTik] >
What I should do the next?
I think that I need to attach “IP POOL” to this peer. The IP addresses from this pool should be attached to client who will connect remotely. The other thing that I understand is that there should be the way to have more than one pre-shared-key for such connection. I mean I want to have some different remote user (with different passwords). And the best way is to have opportunity to get pre-shared-key (usually username/password) from Radius. Is it possible?