Community discussions

MikroTik App
 
allevotp
just joined
Topic Author
Posts: 2
Joined: Tue Dec 01, 2020 5:33 pm

L2TP/IPSEC MikroTik Server and Cisco Router Client

Tue May 11, 2021 12:30 pm

Hi,

I need to configure a L2TP/IPSEC between a Router Cisco (client) and a MikroTik (server). I get the tunnel UP but without IPSEC, when I want to configur it with IPSEC the tunnel won't come up.
The error that I can see on MikroTik's logs is "X.X.X.X (public ip remote) ignore the packet, received unexpecting payload type 15".

The router Cisco has a public IP and the MikroTik too.
The configuration is:

Router Cisco:
pseudowire-class L2TP_PW
 encapsulation l2tpv2
 ip local interface FastEthernet0/1

crypto isakmp policy 1
 encr aes 256
 group 2
 lifetime 1800

crypto ipsec transform-set ESP-AES-256 esp-aes 256 esp-sha-hmac 
 mode transport
 
crypto isakmp key X.X.X.X (IPSEC SECRET) address X.X.X.X (MikroTik's Public IP)

crypto map L2TPMAP 1 ipsec-isakmp 
 set peer X.X.X.X (MikroTik's Public IP)
 set transform-set ESP-AES-256 
 match address L2TP-IP

interface FastEthernet0/1
 description IP Publica
 ip address X.X.X.X X.X.X.X (Cisco's Public IP)
 load-interval 30
 duplex auto
 speed auto
 crypto map L2TPMAP

interface Virtual-PPP1
 description L2PT Tunnel
 ip address negotiated
 ip pim sparse-dense-mode
 ip igmp query-interval 125
 load-interval 30
 no cdp enable
 ppp chap hostname X.X.X.X (Username of L2TP)
 ppp chap password X.X.X:X (Password of L2TP)
 ppp ipcp address accept
 pseudowire X.X.X.X 1 pw-class L2TP_PW (MikroTik's Public IP)

ip access-list extended L2TP-IP
 permit ip host X.X.X.X (Cisco's Public IP) host X.X.X.X (MikroTik's Public IP)
Between MikroTiks is working, not working only between Cisco and MikroTik. Do you know what happens?

Thanks a lot,
 
arnaucda
just joined
Posts: 1
Joined: Wed May 12, 2021 12:16 pm

Re: L2TP/IPSEC MikroTik Server and Cisco Router Client

Wed May 12, 2021 12:17 pm

I have the same problem. If someone know the solution I would really appreciate it.

Thanks!
 
allevotp
just joined
Topic Author
Posts: 2
Joined: Tue Dec 01, 2020 5:33 pm

Re: L2TP/IPSEC MikroTik Server and Cisco Router Client

Fri May 21, 2021 10:11 am

Has it happened to anyone? or that you can share your configuration that is working with L2TP / IPSEC.
Thanks!
 
jatoledano
just joined
Posts: 4
Joined: Thu Nov 24, 2011 1:22 pm

Re: L2TP/IPSEC MikroTik Server and Cisco Router Client

Sun Feb 05, 2023 10:58 pm

I made it work changing the lines to

crypto isakmp policy 5
encr 3des
authentication pre-share
group 2

Who is online

Users browsing this forum: Ahrefs [Bot], coffee1978, DanMos79, EsaqzpHot, GoogleOther [Bot] and 61 guests