Community discussions

MikroTik App
 
vuk
just joined
Topic Author
Posts: 4
Joined: Tue Apr 18, 2023 3:03 pm

Site to Site VPN with IPSec setup (over L2TP)

Wed Apr 26, 2023 1:58 am

Hi,

I have the following configuration:

Image

1. hosted server as l2tp-server 172.16.46.1 (it has also pubic ip)

2. Site1: hap ac3
- l2tp-client with ip: 172.16.46.2,
- ipip tunnel with ip: 192.168.99.1,
- bridge (lan) with ip: 192.168.88.0/24

3. Site2: hap ac3
- l2tp-client with ip 172.16.46.3,
- ipip tunnel 192.168.99.2,
- bridge (lan) with ip: 192.168.89.0/24

There is IPSec (SHA256, AES-256-CBC, DH modp2048) set on the IPIP tunnel, because I don't have access to the server to put IPSec on the L2TP.

The IPSec (and the tunnel) works fine with both setups
1) on the LAN address of each site
2) on the IPIP Tunnel IPs of each site

Image

Can someone please help, what's the difference between using LAN IP vs. IPIP Tunnel IP in the IPSec policy?

Who is online

Users browsing this forum: arebelo, Luanscps and 82 guests