Hello,
I can’t set these two routers to work. I struggle couple of days and nothing goes right.
Scenario is very simple, but the tunnel is down.
diagram.png
- I can ping from cisco to 192.168.1.1
- I can ping from mkrotik to 192.168.2.1
- I can ping from PC2 to PC1
- I can ping from PC1 to 1.1.1.1 but not further
- I CAN’T ping from PC1 to PC2
On cisco I get the message :
dst src state conn-id slot status
1.1.1.2 1.1.1.1 QM_IDLE 2505 0 ACTIVE
so tunnel is established, but there is no interesting packet I think.
but on mikrotik until I changed Generate Policy from [no] to [port strict], logs shows:
no policy found 192.168.2.0./24[0] 192.168.1.0/24[0]
failed to get proposal for responder
.
After I changed this to [port strict], logs shows:
ISAKMP-SA Established 1.1.1.1[500]-1.1.1.2[500]
but couple second later…
purging ISAKMP-SA Established 1.1.1.1[500]-1.1.1.2[500]
ISAKMP-SA deleted 1.1.1.1[500]-1.1.1.2[500]
this story shows over and over again.
This is the mikrotik “config”:
mikrotik.tif
And thi is the Cisco config:
cisco_config.png
Can somoene tell me what am I’ doing wrong?
I’ve watched videos on YouTube, and checked Greg Sowel examples and nothing helped.