Hello,
i want to build a VPN IPSEC connection between Mikrotik Router with fix puplic IP-adress
and a AVM FritzBox with dynamic puplic IP-adress.
Have anyone an Idee
(I havn´t good vpn knowlege, but i will pay für Support)
Thank you, BR Thomas
push
Hi
Did you manage to get this scenario to work?
Thanks for a reply
really frustrating topic, nothing’s really working. I’m going to get in touch with the support team, maybe they’ve got an idea,
regards,
redflag237
Hello everybody,
Any news regarding this issue? I’m trying to get my ipsec between RB & Fritzbox working.
Thank you in advance,
Hi all,
Finaly i found the way to get it working, here is the fritzbox config :
vpncfg {
connections {
enabled = yes;
editable = yes;
conn_type = conntype_lan;
name = "IPSec2Mkt"; // Name of the connection
boxuser_id = 0;
always_renew = yes;
reject_not_encrypted = no;
dont_filter_netbios = yes;
localip = 0.0.0.0;
local_virtualip = 0.0.0.0;
remoteip = xxx.xxx.xxx.xxx; // Remote IP
remote_virtualip = 0.0.0.0;
keepalive_ip = 0.0.0.0;
localid {
fqdn = "$$$$D2GZVKMCVTYZFEPAH1FJ4JGTX6URTE1SVAHTUJ3GBHRJUZ251NFNDE3MCQYZ21RWWNJ1NWPIBYP6G32J";
}
remoteid {
ipaddr = xxx.xxx.xxx.xxx; // Remote IP
}
mode = phase1_mode_idp;
phase1ss = "alt/aes/sha";
keytype = connkeytype_pre_shared;
key = "PRESHAREDKEY"; // Presharedkey
cert_do_server_auth = no;
use_nat_t = yes;
use_xauth = no;
use_cfgmode = no;
phase2localid {
ipnet {
ipaddr = 192.168.178.0; // Local Subnet
mask = 255.255.255.0;
}
}
phase2remoteid {
ipnet {
ipaddr = 192.168.88.0; // Remote Subnet
mask = 255.255.255.0;
}
}
phase2ss = "esp-3des-sha/ah-no/comp-no/pfs";
accesslist = "permit ip any 192.168.88.0 255.255.255.0";
}
ike_forward_rules = "udp 0.0.0.0:500 0.0.0.0:500",
"udp 0.0.0.0:4500 0.0.0.0:4500";
}
// EOF
Mikrotik Configuration :
Phase1 :
- Authentication : SHA1
- Encryption : AES-256
- DH Group 2
- Nat-t : disabled
Phase2 :
- Authentication : SHA1
- Encryption : 3DES
- DH Group 2
Hi evince,
thank you very much for your information!! I’m working at the same topic but I can’t establish a working VPN Connection between FritzBox an Mikrotik.
I have been trying for weeks.
Could you post your Mikrotik config or send some screenshots of the WinBox configuration windows?
You are my home! 
Thanks!!
Because FritzBox is very popular router in Germany: Do you speak german?
hansmeier61. Did you enabled the logging for ipsec ?
/system logging add topics=ipsec
No. I will try this and look into the log. But it would be much easy with a correct configuration on the Mikrotik side.
So if you can offer a working configuration, please, please, post it!
I didn’t read nothing about AVM FritzBox until I saw it on your post. So I cannot help you.
Try reading tutos of how to config Mikrotik against IPSEC Cisco.
Hi hansmeier61,
Can you tell me what kind of fritzbox do you use? And which firmware?
With the new one, you just need to run the Wizard and all is working.
Let me know if you need further assistance.
Bests Regards,
Hi evince,
I am currently using a AVM Fritz Box 7390 with Firmware FRITZ!OS 06.03.
I am not sure what you want to tell me. You posted the config for the FritzBox. But what are the configuration settings for the Mikrotik router? Or do you want to tell me that there is also a Wizard in Mikrotik? I do not know any wizard in Mikrotik for VPN! What I know is the winbox.exe configuration tool. The I go to IP, then to IPsec. Then I have to make settings there for policies, Peers, remote Peers, proposals …
I did this in a way it shoud match to your FritzBox VPN config file but I do not get a connection. So I want to know what you have configured on policies, Peers, remote Peers, proposals …
Do you understand me now, what I want from you. I would like some screenshots of These pages (policies, Peers, remote Peers, proposals …).
Thanks!!
Hi hansmeier61,
Here is the screenshot :http://www.hostingpics.net/viewer.php?id=160663ipsecfritz2.png
Bests Regards,
Hi, have you fixed it ?
I also Need a IPSec Connection between a FritzBox (new Fritz OS)
and a MikroTik.
Maybe someone can help me ???
Hello, can you tell me if the connection is established or not?
I can tell you it is working, i just build a vpn and all is working