Hi there!
I have trouble with configuration a IPsec tunnel between RB750r2 with 6.32.2 and KERIO Control 8.6.2.

In case I want to connect one subnet from Mikrotik to KERIO it is working well, since I need to connect multiple subnets in Mikrotik and Kerio, peers are connected but no ping or any other packet between the Mikrotik and Kerio in any subnet.

I read an article about making site-to-site in multisubnet scenario to use policies with level set to unique. But if I create a template policy with level=unique, instances of this template are created as level=require.

So I made policies manually with level=unique and it is working, but it is not stable - connection is gone after couple of minutes.

I think that Im missing something important… Can you please advice me?

some configuration information follows:

oct/14/2015 22:31:27 by RouterOS 6.32.2

software id = H445-HYF7

/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des,aes-128-cbc pfs-group=modp1536
/ip ipsec peer
add address=94.138.xx.xx/32 dh-group=modp1536 exchange-mode=main-l2tp
generate-policy=port-override local-address=0.0.0.0 nat-traversal=no
passive=yes secret=xxxx