Hi,
Is it just me, or is ipsec on eoip tunnels also not working / implemented?
thnx
It works. I set up such tunnels. What configuration do you have?
7.13.3? I know it works adding the ipsec key to the EoIP configuration, but no ipsec phase 1 / phase 2 is configured in /ip/ipsec?
Packet dumps also indicate gre traffic, and not ipsec traffic.
[admin@MikroTik] > /interface/eoip/print
Flags: X - disabled; R - running
0 R name="test" mtu=1500 actual-mtu=1500 l2mtu=65535 mac-address=02:10:8D:42:BD:B6 arp=enabled arp-timeout=auto
loop-protect=default loop-protect-status=off loop-protect-send-interval=5s loop-protect-disable-time=5m local-address=x
remote-address=y tunnel-id=10 keepalive=10s,10 dscp=inherit clamp-tcp-mss=yes dont-fragment=no ipsec-secret="x"
allow-fast-path=no
[admin@MikroTik] > /ip/ipsec/installed-sa/print
[admin@MikroTik] > /ip/ipsec/peer/print
Flags: X - disabled; D - dynamic; R - responder
My ROS 7.13.2
You have configured tunnels on both sides ?
Of course. The tunnel is in a Running state.
Hmpf. Will look at it some more then. Maybe I am missing something.
Local and Remote address is public or private ?
Public
Tunnel ran fine with ROSv6 ipsec enabled. Tunnel runs fine on ROSv7 too, the ipsec is just not configured and visible in /ip/ipsec, and traffic on the tunnel is unencrypted, even though ipsec is enabled on the EoIP configuration. Seems to me that ROSv7 is ignoring the ipsec secret configuration.
Maybe in log debug for IPSec you will see something ?