The tunnel seems to work properly, but when I try to set more policies on MK v3.9 to connect more private networks, it doesn’t work. It only works with the first policy.
I’ve tried removing all installed-sa, rebooting the MK but nothing works. It seems to use a single private network each tunnel.
You must create a different policy for each network that you wish to connect, this policies are already created?
One more thing, this scenario in working under NAT?
I have a RB333, with the last RouterOS, and i can´t configure a VPN that work properly with more than one policie.
The VPN is established, and i have SA, but the traffic don´t flow by the VPN. And in the best case, it work only in one way.
I need some help about it, becasue the configuretaion on MT is simple, and it haven´t NAT or Firewall rules.
This is a known bug, I reported and at least one other person several months ago. I received a response from support saying they were looking in to it and would fix it but 2 to 3 months on and still nothing. The customer we manage RouterOS for is now moving away from RouterOS due to this bug and no fix being issued.
Mikrotik, when are you going to fix this? It is a fairly big and critical bug as I can’t believe there are so few that need multiple policies to a single Cisco peer.
I suppose this is about IPSec VPN. Try to set Level of IPSec policy to “unique”, this solved my problem with IPSec configuration, transferred from Mikrotik 2.9.51 where I have had two policies and only one working. Level “unique” was not part of version 2.9.X.