Hello, I’m trying to setup IPSec on Mikrotik RouterOS 6.6 but it isn’t coming up, what is wrong with my setup? Why can’t the client find any policies?
/ip ipsec mode-cfg
add address-pool=vpn-pool name=home-vpn
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=aes-128
/ip ipsec peer
add auth-method=pre-shared-key-xauth enc-algorithm=aes-128 generate-policy=
port-strict mode-cfg=home-vpn nat-traversal=yes passive=yes secret=megasecret send-initial-contact=no
/ip pool
add name=LAN_POOL ranges=192.168.55.65-192.168.55.126
add name=vpn-pool ranges=192.168.55.128/27
30/11/13 16:04:36,727 racoon[456]: >>>>> phase change status = Phase 1 established
30/11/13 16:04:36,727 racoon[456]: IKE Packet: receive success. (MODE-Config).
30/11/13 16:04:36,727 configd[19]: IPSec Network Configuration started.
30/11/13 16:04:36,727 configd[19]: IPSec Network Configuration: INTERNAL-IP4-ADDRESS = 192.168.55.159.
30/11/13 16:04:36,727 configd[19]: IPSec Network Configuration: INTERNAL-IP4-MASK = 255.255.255.0.
30/11/13 16:04:36,727 configd[19]: IPSec Network Configuration: INTERNAL-IP4-DNS = 192.0.2.2.
30/11/13 16:04:36,727 configd[19]: IPSec Network Configuration: INTERNAL-IP4-DNS = 192.0.2.1.
30/11/13 16:04:36,727 configd[19]: Failed to add policy. Number of policies processed 0 (with 0 drained).
30/11/13 16:04:36,727 configd[19]: IPSec Controller: IPSecInstallPolicies failed ‘no policies found’
30/11/13 16:04:36,727 configd[19]: IPSec Phase1 established.
30/11/13 16:04:37,142 Console[459]: setPresentationOptions called with NSApplicationPresentationFullScreen when there is no visible fullscreen window; this call will be ignored.
30/11/13 16:04:41,019 xpcproxy[461]: assertion failed: 13A603: xpcproxy + 3438 [EE7817B0-1FA1-3603-B88A-BD5E595DA86F]: 0x2
30/11/13 16:04:49,988 com.apple.usbmuxd[64]: _SendAttachNotification Device bc:3b:af:09:c7:46@fe80::be3b:afff:fe09:c746._apple-mobdev2._tcp.local. has already appeared on interface 4. Suppressing duplicate attach notification.
30/11/13 16:04:53,572 configd[19]: IPSec disconnecting from server 81.x.x.x
30/11/13 16:04:53,572 racoon[456]: IPSec disconnecting from server 81.x.x.x
30/11/13 16:04:53,572 racoon[456]: IKE Packet: transmit success. (Information message).
30/11/13 16:04:53,573 racoon[456]: IKEv1 Information-Notice: transmit success. (Delete ISAKMP-SA).
30/11/13 16:04:53,573 racoon[456]: failed to send vpn_control message: Broken pipe
30/11/13 16:04:53,574 racoon[456]: glob found no matches for path “/var/run/racoon/*.conf”
30/11/13 16:04:53,574 racoon[456]: IPSec disconnecting from server 81.x.x.x
30/11/13 16:04:53,576 configd[19]: network changed.
30/11/13 16:04:53,581 configd[19]: network changed.