Good day!
The setup is as follows: a MikroTik on one side, a Juniper on the other. Behind the Juniper there are several subnets, 10.77.252.0/22 and 192.168.10.0/23. I've configured IPsec and created two policies. If only one policy is active, everything is OK and the ping passes through. The two policies don't work together. (The status of one of them is PH2 State: no phase2.)
How can I run multiple subnets through a single tunnel? I read that the level should be set to unique, but it did not help.
/ip ipsec policy print
src-address=10.77.246.0/24 src-port=any dst-address=10.77.252.0/22 dst-port=any protocol=all action=encrypt level=unique ipsec-protocols=esp
tunnel=yes sa-src-address=ХХ.ХХ.ХХ.ХХ sa-dst-address=ХХ.ХХ.ХХ.ХХ proposal=test ph2-count=1
src-address=10.77.246.0/24 src-port=any dst-address=192.168.10.0/23 dst-port=any protocol=all action=encrypt level=unique ipsec-protocols=esp
tunnel=yes sa-src-address=ХХ.ХХ.ХХ.ХХ sa-dst-address=ХХ.ХХ.ХХ.ХХ proposal=test ph2-count=0
P.S. Sorry for my broken English.