Community discussions

just joined
Topic Author
Posts: 3
Joined: Mon Jul 08, 2019 4:14 pm

IPSEC Traffic Flow

Fri Jul 12, 2019 12:25 pm

We have a senerio as follows;

Client Side

Have some machines that need to connect to the server side of the IP SEC on port 8288 (web server) but the traffic is going to the server and it seem to not know how to return.

Trace route from the client side lands on the server but when running a trace route from the server side back to the client it cant route... all other traffic is flowing and fine across the site to site.

Any suggestions?
Forum Guru
Forum Guru
Posts: 3814
Joined: Mon Dec 04, 2017 9:19 pm

Re: IPSEC Traffic Flow

Fri Jul 12, 2019 5:09 pm

Any details? Start from posting the configuration from both ends, concerns regarding privacy are addressed in my automatic signature below.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
User avatar
Long time Member
Long time Member
Posts: 526
Joined: Tue Jun 23, 2015 2:35 pm

Re: IPSEC Traffic Flow

Fri Jul 12, 2019 11:46 pm

Three thing you have to have for your case:
- Crrect Configuration
- Enough Bandwidth
- RouterOS which supported ipsec acceleration

I can't tell you more according your post.
Nikola Suminoski
MikroTik Consultan

!) Safe Mode is your friend;
User avatar
Forum Guru
Forum Guru
Posts: 1398
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg

Re: IPSEC Traffic Flow

Sat Jul 13, 2019 12:37 am

I suspect your problem is due to what I call "The lazy mans" routing, i.e. NATing, packets are being src NATed one direction and gets to destination and back, but from destination routing is failing.

But as per @sindy, very difficult to say exactly where problem is without more info

Who is online

Users browsing this forum: No registered users and 89 guests