Community discussions

MikroTik App
 
whitefish
just joined
Topic Author
Posts: 1
Joined: Fri Jul 23, 2021 4:20 am

Issue with IPSec IKEv2 tunnel

Fri Jul 23, 2021 4:31 am

I have set up an IPSec IKEv2 tunnel on a hap ac3 router following the following steps: https://support.nordvpn.com/Connectivit ... ordVPN.htm

I have tested this NordVPN server on my Samsung Android phone using StrongSwan and it is working fine on my phone.

I have set up the firewall rule such that all LAN clients should tunnel:

/ip firewall address-list
add address=192.168.2.0/24 list=local

Note: The router lan address is set to 192.168.2.1

However, once the peer is active, the following behavior occurs on the router:

1) the download test (speedtest.net) with a wireless client runs fine
2) the upload test (speedtest.net) is extremely slow (0.01 Mbps)
3) clients connected to LAN ports cannot access the internet

Below is the output from /ip firewall nat print

0 D ;;; ipsec mode-config
chain=srcnat action=src-nat to-addresses=10.6.1.111 src-address-list=local
dst-address-list=!local

1 ;;; defconf: masquerade
chain=srcnat action=masquerade out-interface-list=WAN ipsec-policy=out,none

Who is online

Users browsing this forum: BrianTax, coreshock and 72 guests