Greetings, everyone.
I was wondering if anybody has experienced a problem like mine, since I can't fully understand why it is happening and how to deal with it.
On my Mikrotik with RouterOS version 6.49.1 I have one net, 192.168.1.0/24, and 10+ IPSEC tunnels with different other vendors' hardware. They work as expected with different phase 1 and 2 tweaks and basic peer and policy configurations, nothing too fancy. I have a masquerade NAT rule to enable users to use the internet and I also have “ipsec policy out none” checked to let traffic flow into the tunnel and not be NATted when sent to the tunnels' destination nets.
Here’s the most interesting part: when I upgraded to RouterOS 7.11.2 and, with the same configuration, tried to establish a tunnel with a different Mikrotik that was on RouterOS 7.11.2, everything worked, BUT not my other tunnels towards other vendors' hardware. The tunnels were “established”, and the traffic went only in RX or TX, randomly. Some servers were able to send packets towards me through the tunnel, with no response, and some were able to receive packets from me, but with no response.
Tried everything - disabling the firewall, playing with NAT configurations - and nothing helped. Downgraded to 6.49.1 and everything worked as expected.
Please, I would really appreciate it if some of you guys know the answer or could just show a basic configuration example on 7.11.2 with IPSEC tunnels and NAT rules that do work!