Community discussions

MikroTik App
 
nagylzs
Member Candidate
Member Candidate
Topic Author
Posts: 124
Joined: Sun May 26, 2019 2:08 pm

Mistake in MikroTik Wiki

Fri Dec 25, 2020 12:33 pm

Hello!

I'm not sure where to submit this issue. I hope somebody who has access to the wiki will read this.

There is a mistake here:

https://wiki.mikrotik.com/wiki/Manual:I ... figuration

In the example, first we create a profile and a proposal:
It is advised to create a separate Phase 1 profile and Phase 2 proposal configurations to not interfere with any existing IPsec configuration.
/ip ipsec profile
add name=ike2-rw
/ip ipsec proposal
add name=ike2-rw pfs-group=none
Then later we create a peer, but forgot to set the profile:
Lastly, create peer and identity configurations.
/ip ipsec peer
add address=2.2.2.2/32 exchange-mode=ike2 name=ike2-rw-client
If you try the given example then it may work, because the profile was created with default options. But it is a mistake, because the peer is not assigned to the profile, and any option set on the profile won't affect the peer. I think it would be benefical to add "profile=ike2-rw" to the peer config. (But I don't have access to the wiki.)

Who is online

Users browsing this forum: Bing [Bot], Google [Bot] and 191 guests