Hello everyone,
I’ve been reading the forums quite a bit, but this is my first post. I’d appreciate any assistance you can offer.
TLDR: I’m trying to get an IPsec VPN going between an Adtran and a MikroTik. I’m having an issue passing an ID (or FQDN) for the peer from the MikroTik to the Adtran.
I have an Adtran 3448 at my datacenter (running firmware R10.7.0.E for what it’s worth). This serves as my VPN endpoint for all my remote devices. The majority of my devices right now are Adtran 3120s, but we’ve just recently started to deploy MikroTik devices for our clients. Most of the time with our Adtrans, we use a domain name (which, as far as Adtran is concerned, just needs to be a string of characters, not an FQDN) for both the remote ID and the local ID.
When we deployed our first MikroTik (RB750 running 5.24), we were able to set up an IPsec VPN by using “use Global ID” on the Adtran for the local ID and “Match any Remote ID” for the remote ID. On the MikroTik side, I left “My ID User FQDN” blank and the connection came up without issue.
Now we’re trying to deploy our second MikroTik (RB750 running 6.1) with a VPN connection and we’ve run into an issue: the Adtran cannot use “Match any Remote ID” for more than one VPN Peer. I have the ability to use:
Domain Name
Email Address
ASN.1 DN
IP Address
I’ve tried using domain name, email address, and IP address, but none have allowed the peer to come up. I get negotiation issues on my Adtran side. I realize this is more of an issue on the Adtran side, but I’m hoping someone with Adtran or Cisco experience can point me in the right direction as far as getting a VPN peer set up. Any advice is greatly appreciated. Please let me know if you need any additional information from me.
Thanks,
Craig