Hello all,

i use 2 Mikrotik RB2011UiAS boards with 6.21 and also now tested with 6.22 RouterOS.

For the configuration i followed the wiki guide and the phase 1+2 process seem to work. I have SAs on both routers and also i have on place 0 the NAT bypass. My firewall rules allow AH+ESP aswell as UDP 500 (IKE).

i only get the SAs up, then i ping from router A to router B (or vice versa) when i set "bridge-local" as source interface.

But then when the SAs are up, no ping is going through the tunnel. both sides still count 0 bytes on the SAs. The ping window gives me just timeouts as feedback.

As far as i underatand, with the ipsec policies i don't need to setup extra ip routes to reach the networks on the other side of each tunnel, right?

Well, the only difference from the original wiki example is maybe that i#m not binding the local LAN networks to an interface - i bound them to bridge-local. But this should not be the issue, or not?

Thanks in advance for any suggestions that may help.

-EntireNet-

Hi!
I have very similar problem. Did you figure it out ?

Hi all,

Did you find any solution? i have similar problem too

Regards

Hi all,

Did you find any solution? i have similar problem too

Regards

Did you try ping to remote router from local interface (bridge or local ethernet interface) ?

have you added your NAT bypass rules?

also check your firewall rules and see if these are blocking it, just temporarily disable them and see if you can get traffic passing through the tunnel.