Community discussions

MikroTik App
 
chrisk
newbie
Topic Author
Posts: 37
Joined: Tue Mar 14, 2023 1:11 pm

IPSec issue

Wed Apr 19, 2023 10:52 am

Hi everyone. I have been having issues with IPSec on client end. It seems after disconnecting, it will not reconnect for some reason. I have to visit the premises there to manually delete dynamic peer for it to reconnect. It constantly gives the following error (logs below). Any help is appreciated!

The config export is here: viewtopic.php?t=195365 (Fixed Fiber configuration (uplink to ISP cpe)).


/ip ipsec profile
set [ find default=yes ] dh-group=modp2048 enc-algorithm=aes-256 hash-algorithm=sha256
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha256 enc-algorithms=aes-256-cbc pfs-group=modp2048

10:41:08 l2tp,ppp,info l2tp-to-bbone0: initializing...
10:41:08 l2tp,ppp,info l2tp-to-bbone0: connecting...
10:41:08 l2tp,ppp,info l2tp-to-bbone0: terminating... - tunnel was not encrypted
10:41:08 l2tp,ppp,info l2tp-to-bbone0: disconnected
10:41:10 ipsec,error initiator can't find identity for peer: l2tp-to-bbone0
10:41:18 l2tp,ppp,info l2tp-to-bbone0: initializing...
10:41:18 l2tp,ppp,info l2tp-to-bbone0: connecting...
10:41:18 l2tp,ppp,info l2tp-to-bbone0: terminating... - tunnel was not encrypted
10:41:18 l2tp,ppp,info l2tp-to-bbone0: disconnected
10:41:20 ipsec,error initiator can't find identity for peer: l2tp-to-bbone0
10:41:24 system,info peer proposal default changed by chrisckr
10:41:24 ipsec,error initiator can't find identity for peer: l2tp-to-bbone0
10:41:28 l2tp,ppp,info l2tp-to-bbone0: initializing...
10:41:28 l2tp,ppp,info l2tp-to-bbone0: connecting...
10:41:28 l2tp,ppp,info l2tp-to-bbone0: terminating... - tunnel was not encrypted
10:41:28 l2tp,ppp,info l2tp-to-bbone0: disconnected
10:41:34 ipsec,error initiator can't find identity for peer: l2tp-to-bbone0
10:41:38 l2tp,ppp,info l2tp-to-bbone0: initializing...
10:41:38 l2tp,ppp,info l2tp-to-bbone0: connecting...
10:41:38 l2tp,ppp,info l2tp-to-bbone0: terminating... - tunnel was not encrypted
10:41:38 l2tp,ppp,info l2tp-to-bbone0: disconnected
10:41:44 ipsec,error initiator can't find identity for peer: l2tp-to-bbone0
10:41:48 l2tp,ppp,info l2tp-to-bbone0: initializing...
10:41:48 l2tp,ppp,info l2tp-to-bbone0: connecting...
10:41:48 l2tp,ppp,info l2tp-to-bbone0: terminating... - tunnel was not encrypted
10:41:48 l2tp,ppp,info l2tp-to-bbone0: disconnected


After removing dynamic peer.

10:41:58 l2tp,ppp,info l2tp-to-bbone0: initializing...
10:41:58 l2tp,ppp,info l2tp-to-bbone0: connecting...
10:42:01 ipsec,info initiate new phase 1 (Identity Protection): 192.168.2.10[500]<=>213.7.231.xx[500]
10:42:02 ipsec,info ISAKMP-SA established 192.168.2.10[4500]-213.7.231.xx[4500] spi:d2a3ae6a0321f87a:0a3be58ddd70f81b
10:42:05 l2tp,ppp,info l2tp-to-bbone0: authenticated
10:42:05 l2tp,ppp,info l2tp-to-bbone0: connected
 
chrisk
newbie
Topic Author
Posts: 37
Joined: Tue Mar 14, 2023 1:11 pm

Re: IPSec issue

Wed Apr 19, 2023 5:55 pm

I'm thinking to upgrade Hap Lites to rOS 7.8 to avoid these issues with L2TP/IPSec. Would that cause resources issues with the hap lites? Would it be worth and will i be able to downgrade in case of resources issues?

Who is online

Users browsing this forum: BioMax, GoogleOther [Bot] and 21 guests