Hi, I’m trying to connect my 2 remote sites with IPsec tunnel, but experiencing problems.
I have a topology, where one site use Mikrotik, but his gateway is private addres behind modem.
Other site have Pfsense with public address.
Mikrotik’s side:
Vienna network.jpg
Config:
Mikrotik.txt
Peer has NAT traversal turned ON
Is everything ok on this side?
There are also some other things configured on the router, but i dont think they cause problems.
I need to locate where the problem is
1.) The mikrotik will need to be the one to send the initial contact since it is behind NAT unless you are able to setup port forwarding on the modem.
2.) The Peer on the MikroTik needs to also be set to use NAT Traversal.
With both of these things set, you should now see it starting to try and establish the IPSec connection. Check your logs and troubleshoot out from there.
3.) I don’t know what your pfsense is set to use, but 3Des may or may not be the default setting it uses for encryption, also check to that the hash algorithm matches between both sites.