Issue with Aggressive Mode IPSEC VPN to Fortigate

Hi,

I have created an aggressive-mode IPSEC tunnel via LTE from my RBD53GR-5HacD2HnD router to my central Fortigate firewall. All works fine when using a single phase2 policy, but when I add a second, traffic stops flowing on 1 of the 2 subnets. This doesn’t happen all the time, but frequently enough that I can replicate it easily.

Fortigate logs show no errors. Config attached.

Any help would be much appreciated.

Thanks
config.cfg.rsc (5.86 KB)

To add to this:

Both sides show both phase2s as “Up”.

Everything looks successful in the IPSEC log on Mikrotik and also Fortigate.

It seems very timing related: if I disable all policies on the Mikrotik and enable them one at a time with a 5 second pause in between, all traffic flows correctly. If I enable both without pausing in between, only one policy seems to allow traffic to flow.

Very strange indeed

Happy to reward anyone who wants to get involved.

I have set up the same configuration on a Digi Transport router and that works perfectly. Seems very Mikrotik related.

Any help would be great. Thanks