Community discussions

MikroTik App
  4. RouterOS
  5. General

IPSEC dynamic peer ip

Post Reply
 
trangtrainam
just joined
Topic Author
Posts: 2
Joined: Sat Jan 04, 2020 8:51 am

IPSEC dynamic peer ip

Thu Jan 09, 2020 11:16 am

Hello,

I have Mikrotik router on server side with static public IP. Other side have dynamic public IP and it is Edgerouter.
The traffic betwen clients works if I create ipsec policy with SA Src. Address and SA Dst. Address.

Because remote side have dynamic IP I like to have dynamic policy, that there is no need to change SA Dst. Address. I create template policy with 0.0.0.0 SA Dst. Address, IPSEC is enstablished but there is no traffic betwen?

Have can I correct set up the ipsec and policy template? Or is there some other configuration if remote peer have dynamic IP?
Top
 
angriukas
Member Candidate
Member Candidate
Posts: 103
Joined: Fri Nov 22, 2013 9:20 am
Contact:
Contact angriukas

Re: IPSEC dynamic peer ip

Thu Jan 09, 2020 4:20 pm

Firewall should allow traffic to/from tunnel:

;;; accept in ipsec policy
chain=forward action=accept ipsec-policy=in,ipsec

;;; accept out ipsec policy
chain=forward action=accept ipsec-policy=out,ipsec
Top
Post Reply

Who is online

Users browsing this forum: Bing [Bot], garibaldo, Google [Bot], subnet and 134 guests
  4. RouterOS
  5. General