Community discussions

MikroTik App
 
ATROX
newbie
Topic Author
Posts: 45
Joined: Mon Oct 14, 2013 2:10 pm

BUG was found. IPsec works not stable

Wed Jun 25, 2014 8:45 am

There are several tunnels IPsec. Regardless of time and without changing any settings tunnels stop working.
In the settings you can see that the key exchange in one direction occurs, but the traffic flow is not (IP->IPsec->Installed SAs->some key->Current Bytes=0).
After several reboots tunnel restored. After spending some time again stops working.
Fix please!
Remote office work impossible. Business idle incur losses

RouterOS - v6.15/6.14
HW - CCR1036-12G-4S, RB2011UiAS, RB951G-2HnD, RB2011UiAS-2HnD
 
ATROX
newbie
Topic Author
Posts: 45
Joined: Mon Oct 14, 2013 2:10 pm

Re: BUG was found. IPsec works not stable

Wed Jun 25, 2014 9:00 am

I updated every 6.15.
6.15 between the same problem.
 
jarda
Forum Guru
Forum Guru
Posts: 7603
Joined: Mon Oct 22, 2012 4:46 pm

Re: BUG was found. IPsec works not stable

Wed Jun 25, 2014 9:35 am

Duplicate topic? Have you sent message to support?
 
ATROX
newbie
Topic Author
Posts: 45
Joined: Mon Oct 14, 2013 2:10 pm

Re: BUG was found. IPsec works not stable

Wed Jun 25, 2014 9:56 am

Duplicate topic? Have you sent message to support?
Sute on a separate issue. I really left the same message in another topic. But it is to discuss the new version. Yes, I sent a message to support.
 
User avatar
semakka
Member Candidate
Member Candidate
Posts: 196
Joined: Mon Sep 11, 2006 10:59 am
Location: Moraira, Alicante, Spain
Contact:

Re: BUG was found. IPsec works not stable

Wed Jun 25, 2014 1:31 pm

set a ping script like
/ping <remote private IP> src-address=<local private IP> count=10
and run it every 5 minutes or so...

I've had the same issue when there was no traffic through the tunnels and that sorted it

cheers
 
ATROX
newbie
Topic Author
Posts: 45
Joined: Mon Oct 14, 2013 2:10 pm

Re: BUG was found. IPsec works not stable

Wed Jun 25, 2014 1:50 pm

set a ping script like
/ping <remote private IP> src-address=<local private IP> count=10
and run it every 5 minutes or so...

I've had the same issue when there was no traffic through the tunnels and that sorted it

cheers
Thank you. But this is not the solution. Tunnel should work without this script. If the tunnel is too much is not the solution ...
 
User avatar
semakka
Member Candidate
Member Candidate
Posts: 196
Joined: Mon Sep 11, 2006 10:59 am
Location: Moraira, Alicante, Spain
Contact:

Re: BUG was found. IPsec works not stable

Wed Jun 25, 2014 1:54 pm

you'll be surprised... I've seen IPsec tunnels behaving the same even with cisco gear...

it might not be "the solution" but it can be "a solution" :)

cheers
 
onnoossendrijver
Member
Member
Posts: 424
Joined: Mon Jul 14, 2008 11:10 am
Location: The Netherlands

Re: BUG was found. IPsec works not stable

Wed Jun 25, 2014 1:57 pm

Well, this is by 'design' and not a bug. You should explicitly take precautions to keep the tunnel up. On Juniper and Cisco you need to do the same thing.
An IPSEC tunnel only stays up when there is traffic.
Linux/network engineer: ITIL, LPI1, CCNA R+S, CCNP R+S, JNCIA, JNCIS-SEC
 
ATROX
newbie
Topic Author
Posts: 45
Joined: Mon Oct 14, 2013 2:10 pm

Re: BUG was found. IPsec works not stable

Wed Jun 25, 2014 2:08 pm

Well, this is by 'design' and not a bug. You should explicitly take precautions to keep the tunnel up. On Juniper and Cisco you need to do the same thing.
An IPSEC tunnel only stays up when there is traffic.
Yes, IPsec tunnel stays down if there is no traffic. But he must stays up if traffic starts. And sometimes it does not. That's what I wrote in my problem.
 
jarda
Forum Guru
Forum Guru
Posts: 7603
Joined: Mon Oct 22, 2012 4:46 pm

Re: BUG was found. IPsec works not stable

Wed Jun 25, 2014 4:05 pm

So my problem is different. I have the traffic (netwatch) and the tunnel was down for two days with no evident reason. Suddenly it went up.
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 6048
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: BUG was found. IPsec works not stable

Wed Jun 25, 2014 4:57 pm

What was the ticket number?
 
ATROX
newbie
Topic Author
Posts: 45
Joined: Mon Oct 14, 2013 2:10 pm

Re: BUG was found. IPsec works not stable

Thu Jun 26, 2014 8:09 am

What was the ticket number?
Ticket#2014062566000221
 
ATROX
newbie
Topic Author
Posts: 45
Joined: Mon Oct 14, 2013 2:10 pm

Re: BUG was found. IPsec works not stable

Mon Jul 07, 2014 9:31 am

Error repeated exactly. Sending log files. The tunnel not up.
Fix please!

Who is online

Users browsing this forum: Google [Bot], Majestic-12 [Bot] and 68 guests