A few clients have complained that when we moved one of our providers onto an RB2011 temporarily, their Cisco site-to-site VPNs couldn't pass traffic. They said the connection would establish but they couldn't pass any traffic through the tunnel. I don't have many details as to their setup other than that they use a Cisco ASA or ISR on each end of the tunnel and at one point the traffic traverses the RB2011 with no firewall or NAT rules. We had a netmap rule for certain blocks but have since disabled the netmap rules as the customer is using public IPs on their routers within our network. Our assumption was they were using a private IP.
Our setup worked fine when we were using a Cisco router, so the only change is that we moved this provider to the Mikrotik device.
I can see TCP/UDP and IPsec traffic from both sides of the connection but it's kilobytes of data.
Most of what I read on the forum has to do with setting up IPsec using a Mikrotik router as a termination point, not simply a pass-through. Since I don't have firewall rules, and no NAT translations are being performed for the referenced subnet, is there anything I need to do in order to ensure this traffic gets routed through?
Thank you for reading my post.