Public IP instead of private IP as Peer ID in IPSEC tunnel

zeeh1975 · September 30, 2021, 4:17pm

I have a IPSec tunnel labeled as “Movistar” whose peer ip is xxx.xxx.240.1 when tunnel is established it shows as local IP the private IP “10.20.30.2”, which results to be the Peer Id. Because they were especting public IP as Peer Id our counterpart made an exception to allow a connection with private IP as Peer Id.
I want to know how I can make router to use public router IP “xxx.xxx.57.231” as default Peer ID, I tryed to set Local address value in “IPsec Peer” but that makes tunnel to drop. So asume that’s need more configuration that I don’t know by now.

config.txt (4.94 KB)

sindy · September 30, 2021, 6:57pm

Unless you’ve obfuscated them manually, delete your config export immediately and post it without the secret values on /ip ipsec identity rows.

sindy · September 30, 2021, 7:01pm

By default, RouterOS generates the ID automatically, depending on the authentication type and other circumstances.

To set your public IP rather than the private one as your ID, set my-id=address:the.pub.lic.ip on the respective /ip ipsec identity row.

zeeh1975 · October 1, 2021, 2:47pm

Thank you for your help.