IPSec Site-to-Site with ISA Server Issues (one way traffic)

Hi everyone. I am setting up my first Mikrotik router after being recommended it by quite a few people. So far everything seems great, except I am having some issues creating an IPSec VPN tunnel between our RB450G and ISA Server 2006. The SAs are listed as installed on the Mikrotik; however, I can only ping from the ISA LAN to the Mikrotik LAN, and not vice versa.

LAN 192.168.53.0/24 → Mikrotik 173.123.123.123 <-internet-> 184.123.123.123 ISA Server ← 192.168.0.0/24 LAN

Here are my configs http://pastebin.com/SjgEbYp8 (anything not listed is pretty much just a default config, have barely changed/done anything)
Here is a /ip route print http://pastebin.com/2rsgHBM8
Here is a /ip address print detail http://pastebin.com/QFvMLYKP
Here is the complete /ip firewall export http://pastebin.com/NmS5ipRc

Does anyone have any ideas on what the issue could possibly be? Where and how should I start troubleshooting to continue? As a guess, perhaps the Mikrotik is not forwarding traffic destined to 192.168.0.0/24 through the IPSec tunnel because of a lack of a route or something? Should I do anything manually to tell the Mikrotik to do so, or should it happen automatically just by setting up the policy? I'm not quite sure; it's very weird, in my opinion, that I can ping from 192.168.0.10 to 192.168.53.10 but not vice versa. Any help is much, much appreciated! I hope I have given enough detail; if not, I will gladly provide anything else. Thanks

edit: I tried playing around with the settings, and I actually got so excited when I finally got a ping reply from the Mikrotik LAN to the ISA server LAN, but after the changes I made to get that to work, the ISA LAN can no longer ping the MT LAN!? So it is as if either one side or the other can work, but not both simultaneously. Does anyone have a clue why this is the case? What I did was change the SRC address to the WAN of the ISA server instead of the local network, which is very far from any guide I have read on the wiki.

I'm pretty confused and would really, really appreciate some help.

Hi,

Monitor outgoing encrypted traffic while a ping is running, either with Torch (look for ESP) or in Winbox / IPsec / Installed SAs (look for Current Bytes). If traffic flows in only one direction, then the problem is in the ISA (firewall); the other way around, it is in the MT.
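The direction check suggested above, worked through as an added example that is not part of the original thread: two readings of the per-SA byte counters are compared while a ping runs, and the pattern of deltas says which side to suspect. The `SaSample` type, the field names and the sample numbers are my own constructions, only loosely modelled on the Installed SAs list; the tunnel endpoint addresses are the ones from the question.

```python
from dataclasses import dataclass

# Hypothetical snapshot of one installed SA's counters. The field names are
# assumed for this example; they are not RouterOS's own column names.
@dataclass(frozen=True)
class SaSample:
    src: str            # outer (tunnel endpoint) source address
    dst: str            # outer (tunnel endpoint) destination address
    current_bytes: int  # cumulative ESP bytes carried by this SA

MT_WAN = "173.123.123.123"   # Mikrotik WAN, from the question
ISA_WAN = "184.123.123.123"  # ISA Server WAN, from the question

# Constructed sample: two readings a few seconds apart while a ping from the
# MT LAN toward the ISA LAN is running. Only the MT->ISA SA counter grows.
BEFORE = [SaSample(MT_WAN, ISA_WAN, 4200), SaSample(ISA_WAN, MT_WAN, 4200)]
AFTER = [SaSample(MT_WAN, ISA_WAN, 5040), SaSample(ISA_WAN, MT_WAN, 4200)]


def byte_deltas(before, after):
    """Bytes each SA moved between the two readings, keyed by (src, dst)."""
    first = {(s.src, s.dst): s.current_bytes for s in before}
    return {(s.src, s.dst): s.current_bytes - first.get((s.src, s.dst), 0)
            for s in after}


def diagnose(before, after, local_wan=MT_WAN):
    """Classify ESP flow seen from the MT and name the side to look at.

    Returns (pattern, suspect). The mapping follows the rule in the reply:
    ESP leaving the MT with nothing coming back points at the ISA firewall;
    nothing leaving the MT at all points at the MT's own policy/firewall.
    """
    deltas = byte_deltas(before, after)
    out_bytes = sum(v for (src, _), v in deltas.items() if src == local_wan)
    in_bytes = sum(v for (_, dst), v in deltas.items() if dst == local_wan)
    if out_bytes > 0 and in_bytes == 0:
        return ("outbound-only", "ISA")   # MT encrypts, ISA never answers
    if out_bytes == 0 and in_bytes > 0:
        return ("inbound-only", "MT")     # ISA sends, MT never replies
    if out_bytes == 0 and in_bytes == 0:
        return ("none", "MT")             # MT is not encrypting the ping
    return ("two-way", "beyond-IPsec")    # tunnel works; look at LAN firewall/routing


if __name__ == "__main__":
    print(diagnose(BEFORE, AFTER))  # -> ('outbound-only', 'ISA')
```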

Very nice suggestion; it makes perfect sense. I will try this Monday and get back. Thank you so much so far.