Community discussions

MikroTik App
 
Maarten200
just joined
Topic Author
Posts: 5
Joined: Tue Sep 27, 2016 9:56 pm
Location: Belgium

EoIP over ike2 VPN 1 side up, other down

Wed May 26, 2021 12:48 pm

Hello,

I have a strange problem with EoIP over ike2 VPN.
Everything works but when the main VPN server/router reboots the all the EoIP tunnel goes down.
EoIP doesn't come back until i change the tunnel ID on the main router and reboot the remote end routers, once vpn reconnects i can configure the EoIP tunnel ID to it original and it comes back online.
The vpn works great, i can always ping from one router to the other. Even if an EoIP tunnel is down.

I tried with different IP settings like disabling keepalive or changing the value, but doesn't work.
In the log off both routers i can't find anything use full and don't see an option to see more log output from EoIP

Setup:
NSP EoIP setup.PNG
network 10.1.20.0/23 goes from the main router to the sub sites over EoIP tunnel.
There are currently 5 working EoIP tunnels but i'm counting at around 8 i will need in the end.


Main router / VPN Server
Mikrotik RB4011
ike2 vpn ip: 192.168.55.1
/interface eoip
add allow-fast-path=no keepalive=2s,2 local-address=192.168.55.1 loop-protect=off mac-address=00:00:5E:80:0A:07 \
	name=eoip-site7 remote-address=192.168.55.107 tunnel-id=107

Remote end (behind nat)
Mikrotik RB3011
ike2 vpn ip: 192.168.55.107
/interface eoip
add allow-fast-path=no keepalive=2s,2 local-address=192.168.55.107 loop-protect=off mac-address=00:00:5E:80:0B:07 \
	name=eoip-site7 remote-address=192.168.55.1 tunnel-id=107

Any thoughts on how to solve this?

Many Thanks!
You do not have the required permissions to view the files attached to this post.
 
Maarten200
just joined
Topic Author
Posts: 5
Joined: Tue Sep 27, 2016 9:56 pm
Location: Belgium

Re: EoIP over ike2 VPN 1 side up, other down

Fri Jul 16, 2021 8:49 am

Problem fixed with mikrotik support.
In firewall needed to put my allow IPsec and GRE rules in firewall at the beginning.

Now everything works great.

Who is online

Users browsing this forum: Ahrefs [Bot], brunoemmels, gigabyte091, kolopeter, kub1x, menyarito, Speedyboat13 and 95 guests