Firstly, I am a beginner so please excuse me if this is a very basic issue and/or question.
I recently moved house (Router2) and the new ISP only supports FTTN.
I have 2x Mikrotik devices; a CRS125-24G-1S-2HnD (Behind a FTTN modem – Router2) and a hEX (FTTH hosting internet – Router1).
Both were previously configured to host the ISP connections and had a stable IPSEC tunnel between each other.
Currently I have the IPSEC configured to point at both new remote and local addresses and but cannot establish a link and see the following:
Router2 log:
ipsec, info: ISAKMP-SA established 10.13.13.2[4500]-110...34[4500] spi:sfdjslkfjdsf******dsfsdfsdfsdfsdfds
ipsec, error: 110...34 failed to pre-process ph2 packet
ipsec, error: 110...34 peer sent packet for dead phase2
Any assistance would be greatly appreciated.
update: I just checked and I am actually about to PING in both directions if i set the gateway to the router 2 Mikrotik address as opposed to the default gateway being distributed by the FTTN modem.
further detail:
FTTN modem address 10.66.66.1 (Default gateway and DHCP/DNS server)
Mikrotik address AP 10.13.13.2 (Configured as a WISP AP)
Laptop address manually configured IP with default gateway = 10.13.13.2 allows connectivity to router 1 (10.66.66.1)
