Community discussions

MikroTik App
 
sergiyd
just joined
Topic Author
Posts: 4
Joined: Tue Aug 10, 2021 12:44 pm

IPSec does not send all trafic thru VPN server

Sat Aug 14, 2021 1:45 pm

Hey there,
I have RB951Ui-2nD client that is connected to StrongSwan server thru pure IPSec IKEv2. When a peer is active all traffic goes thru the VPN server by dynamically created policy. For example, src. 10.5.0.1/32 dst 0.0.0.0/0 where 10.5.0.0/24 is a pool from the VPN server, as I understand - classic road warrior scenario. But I need only access to the VPN server, I don't need it as a gateway.
So, the question is how it could be configured to route traffic thru IPSec, only when destination is VPN server?
 
sergiyd
just joined
Topic Author
Posts: 4
Joined: Tue Aug 10, 2021 12:44 pm

Re: IPSec does not send all trafic thru VPN server

Wed Aug 18, 2021 8:05 pm

Is it so hard?
 
User avatar
own3r1138
Long time Member
Long time Member
Posts: 680
Joined: Sun Feb 14, 2021 12:33 am
Location: Pleiades
Contact:

Re: IPSec does not send all trafic thru VPN server

Sat Aug 21, 2021 9:54 am

Hey there,
I have RB951Ui-2nD client that is connected to StrongSwan server thru pure IPSec IKEv2. When a peer is active all traffic goes thru the VPN server by dynamically created policy. For example, src. 10.5.0.1/32 dst 0.0.0.0/0 where 10.5.0.0/24 is a pool from the VPN server, as I understand - classic road warrior scenario. But I need only access to the VPN server, I don't need it as a gateway.
So, the question is how it could be configured to route traffic thru IPSec, only when destination is VPN server?
Then set desired IP address as Split Include in mode-config
 
User avatar
erkexzcx
Member Candidate
Member Candidate
Posts: 263
Joined: Mon Oct 07, 2019 11:42 pm

Re: IPSec does not send all trafic thru VPN server  [SOLVED]

Tue Aug 24, 2021 7:43 pm

split-config or like this.
 
sergiyd
just joined
Topic Author
Posts: 4
Joined: Tue Aug 10, 2021 12:44 pm

Re: IPSec does not send all trafic thru VPN server

Thu Aug 26, 2021 1:48 pm

Thanks! Will try.
 
sergiyd
just joined
Topic Author
Posts: 4
Joined: Tue Aug 10, 2021 12:44 pm

Re: IPSec does not send all trafic thru VPN server

Mon Aug 30, 2021 7:08 pm

Didn't find a split-config for a non responder(maybe just misunderstood).
But it works fine with mangle -> mark connection and then specify it in a mode config.

Who is online

Users browsing this forum: Bing [Bot] and 56 guests