Page 1 of 1


Posted: Wed Jun 05, 2019 12:21 am
by Boomish
Consider the following scenario

Site To Site VPN

Clients on both networks can speak to each other without a problem
Site A LAN=
Site B LAN=

So from a functional perspective VPN is working just fine.

The problem i'm having is that syslog remote logging traffic sourced from Site B Mikrotik Router is not being sent or encapsulated on the IPSEC Tunnel.

I have a Remote syslog configuration targeting a host on the network

Any Hints?


Posted: Wed Jun 05, 2019 9:58 am
by nescafe2002
Common issue. Traffic to will be routed to wan initially, therefore the router picks the ip address from the wan interface to initiate the connection.

From there, the connection won't be picked up by ipsec policy. You can create a route to the remote subnet via the lan interface to force the router to pick 192.168.3.x as source address:
/ip route
add dst-address= gateway=<name of lan interface/bridge>


Posted: Fri Jun 07, 2019 6:37 pm
by Boomish

I figured that out about a day after i posted this.

Much appreciated

Consider this topic closed.