L2TP/IPSec for MacOS

RouterOS General
1

Hello.

I’m trying setup L2TP/IPSec server on MikroTik (CCR1009-7G-1C-1S=), for Windows and MacOS clients.
I did via MikroTik manual https://wiki.mikrotik.com/wiki/Manual:Interface/L2TP “L2TP/IpSec setup”, and it didn’t work. Windows clients work, but MacOS report what “The L2TP-VPN server did not respond.”
I’m checked MacOs on other foreign L2TP/IPSec server, it works.
Now MicroTik in on latest 6.40.4 software.
The settings which I did:

ip address add address=172.16.32.2/24 interface=bridge1-lan

interface bridge set 0 name=bridge1-lan arp=proxy-arp

ip pool add name="VPN Pool" range=172.16.32.100-172.16.32.199

ppp profile set default local-address=172.16.32.1 remote-address="VPN Pool"

ppp secret add name=user password=123
ip firewall filter add chain=input protocol=udp port=1701,500,4500 comment="Allow IPSec" place-before=0
ip firewall filter add chain=input protocol=ipsec-esp comment="Allow IPSec" place-before=0

interface l2tp-server server set enabled=yes use-ipsec=yes ipsec-secret=123 default-profile=default

Please, HELP.

2

You need to add a proposal and a peer on IPSec.
Try this:

/ip ipsec proposal
set [ find default=yes ] enc-algorithms=aes-256-cbc,aes-128-cbc,3des lifetime=8h pfs-group=none
/ip ipsec peer
add dh-group=modp1024 generate-policy=port-strict secret=VerySecretPasswordHere

And in your mac when you need to put your password and in Auth you have to use a Preshared Secret and there you need to add the one you use in IPsec settings.

Hope i made my self clear, sorry for the english.

Regards
JB

3

Hello.
Sorry for so long delay.
You offer just add default proposal 3des and change pfs-group to none. All others I default.
It’s not work, Windows Ok but on Mac reported “The L2TP0VPN server did not respond.”
I checked on:
6.40.4
6.40.3
6.40.2
6.40.1
6.38.7
Now I’m on 6.39.3

4

Don’t use special symbol “%” in password