Community discussions

MikroTik App
 
zuku
Member Candidate
Member Candidate
Topic Author
Posts: 109
Joined: Sat Jun 27, 2015 3:56 pm

Ipsec with destination 0.0.0.0/0 and local lan disconnecting

Mon Apr 26, 2021 6:09 pm

Hi,
I would to configure Mikrotik IPSEC, to forward all local subnet throught remote site, so created Ip Ipsec Policy:
/ip ipsec policy
add action=none dst-address=192.168.5.0/24 src-address=192.168.5.0/24
add action=none dst-address=10.11.0.0/20 src-address=10.11.0.0/20
add dst-address=0.0.0.0/0 peer=Remote_Router proposal=Remote_Router sa-dst-address=x.x.x.30 \
    sa-src-address=x.x.x.122 src-address=192.168.5.0/24 tunnel=yes
add dst-address=0.0.0.0/0 level=unique peer=Remote_Router proposal=Remote_Router sa-dst-address=\
    x.x.x.30 sa-src-address=x.x.x.122 src-address=10.11.0.0/20 tunnel=yes
	
and then configured NAT:
/ip firewall nat
add action=accept chain=srcnat dst-address=0.0.0.0/0 src-address=192.168.5.0/24
add action=accept chain=srcnat dst-address=0.0.0.0/0 src-address=10.11.0.0/20
add action=masquerade chain=srcnat out-interface=sfp1
The problem, I every couple of seconds loose connectivity on all computers in 192.168.5.0 lan, pings from mikrotik to local lan looks like:
[admin@Mikrotik] > ping 192.168.5.71 
  SEQ HOST                                     SIZE TTL TIME  STATUS                                   
    0 192.168.5.71                               56 128 0ms  
    1 192.168.5.71                               56 128 0ms  
    2 192.168.5.71                               56 128 0ms  
    3 192.168.5.71                               56 128 0ms  
    4 192.168.5.71                               56 128 0ms  
    5 192.168.5.71                               56 128 0ms  
    6 192.168.5.71                               56 128 0ms  
    7 192.168.5.71                               56 128 0ms  
    8 192.168.5.71                               56 128 0ms  
    9 192.168.5.71                               56 128 0ms  
   10 192.168.5.71                               56 128 0ms  
   11 192.168.5.71                               56 128 0ms  
   12 192.168.5.71                               56 128 0ms  
   13 192.168.5.71                               56 128 0ms  
   14 192.168.5.71                               56 128 0ms  
   15 192.168.5.71                               56 128 0ms  
   16 192.168.5.71                               56 128 0ms  
   17 192.168.5.71                               56 128 0ms  
   18 192.168.5.71                               56 128 0ms  
   19 192.168.5.71                                            timeout                                  
    sent=20 received=19 packet-loss=5% min-rtt=0ms avg-rtt=0ms max-rtt=0ms 
  SEQ HOST                                     SIZE TTL TIME  STATUS                                   
   20 192.168.5.71                                            timeout                                  
   21 192.168.5.71                                            timeout                                  
   22 192.168.5.71                                            timeout                                  
   23 192.168.5.71                                            timeout                                  
   24 192.168.5.71                                            timeout                                  
   25 192.168.5.71                                            timeout                                  
   26 192.168.5.71                                            timeout                                  
   27 192.168.5.71                                            timeout                                  
   28 192.168.5.71                                            timeout                                  
   29 192.168.5.71                                            timeout                                  
   30 192.168.5.71                                            timeout                                  
   31 192.168.5.71                                            timeout                                  
   32 192.168.5.71                                            timeout                                  
   33 192.168.5.71                                            timeout                                  
   34 192.168.5.71                                            timeout                                  
   35 192.168.5.71                                            timeout                                  
   36 192.168.5.71                                            timeout                                  
   37 192.168.5.71                                            timeout                                  
   38 192.168.5.71                               56 128 0ms  
   39 192.168.5.71                               56 128 0ms  
    sent=40 received=21 packet-loss=47% min-rtt=0ms avg-rtt=0ms max-rtt=0ms 
  SEQ HOST                                     SIZE TTL TIME  STATUS                                                          
   61 192.168.5.71                               56 128 0ms  
   62 192.168.5.71                               56 128 0ms  
   63 192.168.5.71                               56 128 0ms  
   64 192.168.5.71                               56 128 0ms  
   65 192.168.5.71                               56 128 0ms  
   66 192.168.5.71                               56 128 0ms  
   67 192.168.5.71                               56 128 0ms  
   68 192.168.5.71                               56 128 0ms  
   69 192.168.5.71                               56 128 0ms  
   70 192.168.5.71                               56 128 0ms  
   71 192.168.5.71                               56 128 0ms  
   72 192.168.5.71                               56 128 0ms  
   73 192.168.5.71                               56 128 0ms  
   74 192.168.5.71                               56 128 0ms  
   75 192.168.5.71                               56 128 0ms  
    sent=76 received=36 packet-loss=52% min-rtt=0ms avg-rtt=0ms max-rtt=0ms 
 
zuku
Member Candidate
Member Candidate
Topic Author
Posts: 109
Joined: Sat Jun 27, 2015 3:56 pm

Re: Ipsec with destination 0.0.0.0/0 and local lan disconnecting

Tue Apr 27, 2021 11:43 am

Problem resolved, was not related to mikrotik config.

Who is online

Users browsing this forum: Bing [Bot], CGGXANNX, elbob2002, godel0914, K0NCTANT1N, nz_monkey, qatar2022 and 84 guests