I have multiple sites connected back to a datacenter using L2TP and IPSec. This was working fine when using 5.26 on all routers. Upgraded a testing device to 6.12 and it will not connect, regardless of how each side is configured. Below is the configuration at the remote site:
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des,aes-256-cbc pfs-group=none
add enc-algorithms=3des,aes-256-cbc name=colo
/ip ipsec peer
add address=1.1.1.1/32 dpd-interval=disable-dpd enc-algorithm=3des hash-algorithm=md5 local-address=2.2.2.2 policy-group=\
default
/ip ipsec policy
add dst-address=1.1.1.1/32 priority=2 proposal=colo sa-dst-address=1.1.1.1 sa-src-address=2.2.2.2 src-address=\
2.2.2.2/32
Here is the configuration at the far end:
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des,aes-256 \
lifetime=30m name=default pfs-group=modp1024
/ip ipsec peer
add address=0.0.0.0/0 auth-method=pre-shared-key dh-group=modp1024 disabled=no dpd-interval=\
disable-dpd dpd-maximum-failures=5 enc-algorithm=3des exchange-mode=main-l2tp \
generate-policy=yes hash-algorithm=md5 lifetime=1d my-id-user-fqdn="" nat-traversal=no \
port=500 send-initial-contact=no
I have removed and rebuilt the config on the 6.12 router with no change. L2TP connects fine on its own, just can’t seem to do it with IPSec. Anyone see what I’m missing?