Two IPSec tunnels with same peer

Hi, I’m trying to set up two tunnels on my MikroTik router. Both use the same peer address, but they each use a different “user fqdn”.

The Goal is to have two tunnels

  1. That takes all the traffic destined to the internet and passes it via the tunnel for web filtering
  2. Creating a tunnel between sites for internal communication

Every time I try to add another peer with the same IP address and a different “user fqdn”, it gives me the following error (Couldn’t add New IPsec Peer - Multiple initiator peers for the same address(6)).

If you guys have any ideas,

thanks a lot

You could use two routed tunnels like GRE with different tunnel keys and wrap the traffic for both in IPsec. A single IPsec policy would be fine to secure both tunnels. You'd probably have to do the encryption settings manually, though.