Hi,
I have setup two mikrotiks IPsec VPN, both with similar parameters.
Mikrotik 1
Local LAN: 192.168.1.0/24, SA src address: 10.0.0.1
Remote LAN: 192.168.2.0/24, SA dst address: 10.0.0.2
but there are no "Installed SA's" and no connectivity if there is no routes. If I add the following routes:
- (Mikrotik1) 192.168.2.0/24 via 10.0.0.2
- (Mikrotik2) 192.168.1.0/24 via 10.0.0.1
then the mikrotik2 become as "Remote peers" in mikrotik1 and Installed SA's are now there with increasing "Current bytes" traffics if there is a ping running...
But this way, without IPsec VPN still there is the connectivity. Is this how it should be? when there is IPsec setup, traffic is encrypted and when there is no IPsec, traffic is plain?
Thanks