ipsec mikrotik-pix

nikolaz · February 2, 2007, 7:39am

Hi all,

IPSEC between mikrotik and pix works fine , but after a wile it just hangs and cant be established from side of PIX lan, it works only if it’s initialized from mikrotik lan.

Strange thing is that i have one pix and two mikrotik routers (one PC and one RB 153) with same version of mikrotik (2.9.34), ipsec with PC router is working without a problem and i cant say same for router board.

Does anyone had this problem and know how to solve it?

Nikola

fatonk · February 2, 2007, 7:58am

Hello,

I had a similar problem with some multitech vpn routers and cisco, so waht I have done is that I have switched from IKE IPSec to Manual, since this way the phaze 1 will not negotiate, so just try maybe it will help using manual IPSec.

Regards.

Faton.

andrewluck · February 2, 2007, 9:34am

Check the SA timeout values on both ends.

Turn on crypto debugging on the Cisco end. Lots of useful information there.

Regards

Andrew