Hi there,
I have three sites connected to HQ via VPN tunnels. All sites and HQ have AC2 Mikrotik routers. The HQ router has a fixed IP and connects directly to the internet via PPPoE, and all three sites have dynamic external IPs and sit behind the telcos' routers with DMZ to the AC2.
I use IPsec tunnels with IKE2 exchange, pre-shared key, ESP protocol, and the profile and policy proposal use the hardware IPsec offload that the AC2 offers.
Everything works like a champ, but when there is a power rundown at one of the sites, when power comes back up and the router starts again I get a “no phase 2” and there is no traffic through the VPN. I checked everything and all related IPsec matters are OK. The only way to get it back online is to remove all IPsec-related info and type it again; then, as soon as you press Enter on the last entry (I always leave the policy for last), you get connected again…
Any light?
Thank you in advance