Evening All,
I am now a long time user of Mikrotik and Routerboard products. I have however encounted an issue I can’t seem to resolve.
Essentially I am creating a site to site IPsec tunnel between my home and a virtual server, each end of the tunnel is using a /32
Home: 10.200.200.2 (Ipsec)
Virtual Server: 10.200.200.1 (Ipsec)
Home: 10.200.201.2 (IPIP)
Virtual Server: 10.200.201.1 (IPIP)
The IPsec tunnel works perfectly, the Mikrotik initiates the connection and the Virtual server accepts it, ping works in both directions no problem.
My issue is when I try and run IPIP or GRE over this IPsec tunnel, from the Mikrotik if I ping the remote IPIP tunnel end point 10.200.201.1 I get no response. However if I leave the ping running and now go to the Virtual Server and ping 10.200.201.2 the tunnel establishes, I see ping responses on the virtual server and I also see them on the Mikrotik now responding.
The problem seems to be that the IPIP tunnel can not be bought up from the Mikrotik only from the Virtual Server. I have disabled all firewalls on the Virtual Server, I do see occasional IPIP packets arrive using TCP dump on the Virtual Server but it is not until I send traffic from the Virtual Server that the tunnel comes up.
Could any one think what could be causing the issue? Thank you in advance.
Kind Regards,
Greg Langford