Community discussions

MikroTik App
 
Chouby
newbie
Topic Author
Posts: 33
Joined: Fri Apr 07, 2017 3:49 am

IPSec tunnel

Wed May 17, 2023 10:43 pm

Hi,

I need to create an IPSec tunnel between two mikrotik.. this is done. Seem to work correctly. It say: State: established.
Topology: 192.168.1.0 (192.168.1.1 1st mikrotik) connected with remote 192.168.10.0 (192.168.10.1 2nd mikrotik)

I need to permit device 192.168.1.110 to access remote site (10.0) internet. No others for now. I miss something.. the VPN is established but I can't ping 192.168.10.xxx (all the devices) from my computer at 192.168.1.110.

Any idea?

Thanks!!
 
rbuserdl
Member Candidate
Member Candidate
Posts: 270
Joined: Thu Mar 22, 2018 1:53 pm

Re: IPSec tunnel

Tue May 23, 2023 10:40 pm

Hello Chouby!!

I think you should have an IPsec policy in 1st Mikrotik, something like this:
/ip ipsec policy
add dst-address=192.168.1.110/32 peer=your_peer proposal=your proposal src-address=192.168.10.0/24 tunnel=yes
And the following in your 2nd Mikrotik:
/ip ipsec policy
add dst-address=192.168.10.0/24 peer=your_peer proposal=your proposal src-address=192.168.1.110/32 tunnel=yes
Also ensure your firewall rules dont drop this traffic.

I hope you can solve this.
Regards,
Damián
 
Chouby
newbie
Topic Author
Posts: 33
Joined: Fri Apr 07, 2017 3:49 am

Re: IPSec tunnel

Sun Jun 11, 2023 10:28 pm

This is the screenshot from main site 192.168.1.1 and remote site 192.168.10.1
https://imgur.com/a/VGSnsVz

Nothing from 192.168.1.0 ping something to 192.168.10.0, nothing back-and-forth
What's missing?

I'm into love hate relationship with Mikrotik :lol:

Who is online

Users browsing this forum: No registered users and 10 guests