I've two Mikrotik devices establishing an IPSec VPN and I see lots of logs with the connection state: invalid src-mac: xx:....
The log output is:
Code: Select all
FROM P2 to P1 prerouting: in:ether1 out:(unknown 0), connection-state:invalid src-mac 00:a5:bf:0f:3c:19, proto TCP (ACK,PSH), 192.168.50.70:58422->192.168.49.4:445, len 296
Code: Select all
ip firewall raw print detail
Flags: X - disabled, I - invalid; D - dynamic
0 D ;;; special dummy rule to show fasttrack counters
chain=prerouting action=passthrough
1 chain=prerouting action=accept log=yes log-prefix="FROM P2 to P1" src-address=192.168.50.0/24 dst-address=192.168.49.0/24
2 chain=prerouting action=accept log=yes log-prefix="FROM P1 TO P2" src-address=192.168.49.0/24 dst-address=192.168.50.0/24
Code: Select all
connection-state:invalid src-mac 00:a5:bf:0f:3c:19
Code: Select all
16 DC 184.xxx.xxx.1 00:A5:BF:0F:3C:19 ether1
I'm pretty sure I've done a wrong configuration somewhere but where?
Thank you