Community discussions

MikroTik App
just joined
Topic Author
Posts: 7
Joined: Tue Apr 26, 2011 8:23 am

Invalid policies in IPsec

Thu Apr 28, 2011 10:40 am

I create IPsec connection to multiply remote subnets but have some troubles with it.
Sometimes it works fine (see file "normal policy").
Sometimes some policies (one or several) become invalid (they become red in Winbox) and stop work (see files "invalid policy").
All policies are similar, attached to one peer and differ only in Dest. Address.

Why can it be? What is wrong?
You do not have the required permissions to view the files attached to this post.
just joined
Posts: 1
Joined: Mon Jun 13, 2011 3:12 pm

Re: Invalid policies in IPsec

Mon Jun 13, 2011 3:13 pm


I encountered the same problem. Did you find any solution?
Posts: 36
Joined: Wed Aug 03, 2011 7:20 pm

Re: Invalid policies in IPsec

Wed Aug 03, 2011 7:59 pm

I came across this post while trying to troubleshoot another issue. I know its been almost two months, but hopefully this will help someone in the future.

Whenever I have multiple subnets going to the same endpoint, on the first policy I set up encrypt, require, and tunnel, just like you did. However, on each subsequent policy that goes to the same endpoint, instead of require for the level, make it unique. This worked for me, anyway.

Who is online

Users browsing this forum: Baidu [Spider], Bing [Bot], EmEmz and 108 guests