IPSec configuration question

I’ve got a new client that needs some more extensive encryption set up, so I’m making changes to the production network (which I don’t like to do) since I don’t have anything to test this out on :(

Here’s the hardware/network scenario:

Wired Network <--> RB112/2511MP (Bridged) <-- 802.11b --> 2511MP/RB532/SR2 <-- 802.11g --> R52/RB112 (WDS-Bridged) <-- Wired Network (CPE)

The RB532 is configured as a router, with even more interfaces than what is listed. Communications work as is, and the final link to the customer is utilizing WPA2 encryption, which is sufficient to meet their needs.

However, the “feed” link from the wired network on the left to the RB532 is not encrypted because CM9 cards weren’t in stock when I had to deploy the link - we got stuck with the 2511MP’s because that’s all the vendor had. It’s rather inconvenient to change them out - or I’d just do so, and use WPA2 on that link and call it good.

The problem, of course, is that Prism 2.5 under MikroTik doesn’t support WEP. I’ve played with various configurations of IPSEC but they either blocked communications entirely, or didn’t do anything (the “encrypted” counters did not increment).

So, how would I configure this to encrypt all traffic that passes over the 802.11b ‘feed’ link?