Community discussions

MikroTik App
just joined
Topic Author
Posts: 1
Joined: Wed Nov 29, 2023 12:35 am

Problems with IPSEC VPN

Wed Nov 29, 2023 12:56 am

Hello all,
I hope you might help me, I'm not so expert of mikrotik devices and I'm struggling to setup a working ipsec site2site between mikrotik LTE ATL18 and a fortigate.
The tunnel itself is established, from fortigate network I can reach mikrotik and login via Winbox. From Winbox I can ping all lan devices.
Unfortunately I cannot ping other devices on the mikrotik LAN network from the fortigate lan devices.
Looking at the sniffer on both mikrotik and fortigate:
- when connection starts from fortigate I can see the request but no reply both on fortigate and on mikrotik
- when connection starts from mikrotik I cannot see the flow on fortigate (like it is going outside the ipsec tunnel). On mikrotik I see the request which is using LTE ip as source (shouldn't be the one specified in SA in ipsec policy?)

Can you please help me to troubleshoot and resolve the problem?

Thanks in advance!
Forum Guru
Forum Guru
Posts: 10192
Joined: Mon Dec 04, 2017 9:19 pm

Re: Problems with IPSEC VPN

Wed Nov 29, 2023 1:05 am

Post the output of /export hide-sensitive, between [code] and [/code] tags, after removing any additional sensitive information not suppressed by hide-sensitive (public addresses, serial numbers, usernames, secrets, private keys). Is the Mikrotik the default gateway for the LAN devices?

Who is online

Users browsing this forum: akakua, Amazon [Bot], gotsprings, m2teusz and 43 guests