IPsec between MikroTik and TMG server

Hello,
The network diagram is as follows:
(192.168.68.0/24 network) — (192.168.68.2 - internet IP, TMG server) — Internet — (internet IP, MikroTik 450G - 192.168.88.1) — (192.168.88.0/24 network)
The IPsec tunnel between TMG and MikroTik is established successfully. The IPsec policy on TMG comes up automatically, and this is the policy on the MikroTik:
src address 192.168.88.0/24 (network behind MikroTik)
dst address 192.168.68.0/24 (network behind TMG)
SA src address 79.134.220.71 (internet IP of MikroTik)
SA dst address 79.134.220.67 (internet IP of TMG)

The task is this: when IPsec is up, all traffic from the network behind the MikroTik to the Internet should go through IPsec to TMG and then out to the Internet.
Problems:

  1. When IPsec is up, the networks see each other without problems, but from the MikroTik itself the network behind TMG is unavailable; pings do not go through.
  2. To direct all traffic into the IPsec tunnel, (I think) the policy on the MikroTik should be changed, namely
     dst address 0.0.0.0/0
     but in this case the IPsec tunnel is not established at all.
     What could be the problem?
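
A way to check which packets the posted policy covers, as an added example that is not part of the original post: it tests constructed packets against the policy selectors quoted above and against the 0.0.0.0/0 variant. The sample host addresses, the idea that the router may source its own pings from its WAN address, and the idea that TMG keeps the mirrored 192.168.68.0/24 to 192.168.88.0/24 selectors are assumptions, not facts from the post.

```python
from ipaddress import ip_address, ip_network

# Selectors copied from the post; everything else here is constructed.
POSTED = ("192.168.88.0/24", "192.168.68.0/24")    # MikroTik policy: src, dst
WIDENED = ("192.168.88.0/24", "0.0.0.0/0")         # the change tried in item 2
TMG_SIDE = ("192.168.68.0/24", "192.168.88.0/24")  # assumed TMG view (mirror of POSTED)


def matches(policy, src, dst):
    """True if a packet src -> dst falls inside the policy's selectors."""
    p_src, p_dst = (ip_network(n) for n in policy)
    return ip_address(src) in p_src and ip_address(dst) in p_dst


def mirrors(local, remote):
    """True if the remote selectors are the local ones with src/dst swapped."""
    return (ip_network(local[0]), ip_network(local[1])) == \
           (ip_network(remote[1]), ip_network(remote[0]))


# Constructed packets: (description, src, dst). 203.0.113.5 is a documentation address.
PACKETS = [
    ("LAN host to TMG LAN", "192.168.88.10", "192.168.68.10"),
    ("router LAN address to TMG LAN", "192.168.88.1", "192.168.68.10"),
    ("router WAN address to TMG LAN", "79.134.220.71", "192.168.68.10"),
    ("LAN host to an Internet host", "192.168.88.10", "203.0.113.5"),
]


def report(policy):
    """Map each constructed packet to whether the policy would select it."""
    return {desc: matches(policy, s, d) for desc, s, d in PACKETS}


if __name__ == "__main__":
    for name, pol in (("posted", POSTED), ("widened", WIDENED)):
        print(name, "mirrors assumed TMG selectors:", mirrors(pol, TMG_SIDE))
        for desc, hit in report(pol).items():
            print(f"  {desc}: {'tunnel' if hit else 'not in policy'}")
```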

Hello, Alexander!
Did you manage to solve the problem?
I connected the office and a remote office. Ping goes in both directions. From behind the MikroTik the network responds and all resources are available. But from behind TMG only ping passes and that is all; no other resources are available…
I found advice that it is necessary to add one more rule to Filter Rules, a NAT rule with the forward action. It didn’t help me.