Community discussions

MikroTik App
 
User avatar
bramwittendorp
Member Candidate
Member Candidate
Topic Author
Posts: 101
Joined: Thu Jun 16, 2016 3:48 pm
Location: The Netherlands
Contact:

Third Party (SonicWall) to MikroTik Aggressive IPSec tunnel Interface

Tue Nov 13, 2018 7:14 pm

Hi guys,

I am working on a project where I have to build a setup where all traffic gets routed trough an IPSec tunnel. Since I need routing I figured out I need to use a tunnel interface either GRE or IPIP to be able to use this interface in the routing table.

On the main site we have an SonicWall firewall, not my preferred choice of course, but you have to deal with some stuff ;-). On the remote site I will have an RB3011, the remote site will have dynamic public IPs, so I need to use Aggressive or IKEv2 mode. I am able to build a regular IPsec tunnel between MikroTik and the SonicWall, while using IKEv2, this works fine, but I cannot route traffic trough this tunnel. I have tried to configure the tunnel interface, but it always needs to have both local and remote IP address, also the IKE request times out, indicating to me I need more configuration on the Policies.

I have forgotten to export the configuration, but I can wipe everything and start from scratch, so not really needed anyway i guess.

My main questions, and I hope someone has done this before me ;-):
  • Whats the best approach for me? Establish an IPSec connection manually and then configure an GRE or IPIP tunnel on top of it?
  • What configuration would suit me best?
Looking forward to hear from you guys!

Who is online

Users browsing this forum: almdandi, baragoon, Bing [Bot], GoogleOther [Bot], johnson73, loloski and 83 guests