I'm a newb to mikrotik so hopefully this is something easy that I am missing
I spent several hours trying to find the answer before I posted this
Using 2 Mikrotik 9B951G with v6.38.1stable
Both sites can access the internet
I have set up a simple test IPSEC site to site in my office but I can't seem to get it right
The Remote peers show established and I show the Installed SA's
I can ping the remote router both from both sides
The issue is I can't ping any devices other than the remote routers
Site A
Wan 10.1.10.10
Lan 10.192.103.0/24
Policy
Src 10.192.103.0/24
Dst 192.168.88.0/24
SA Src 10.1.10.10
SA Dst 10.1.10.11
Peer
10.1.10.11
Preshared Key ****
Sha1
aes-256
modo1024
Proposal
sha1
aes-256 cbc
aes-256 ctr
Site B
Wan 10.1.10.11
Lan 192.168.88.0/24
Policy
Src 192.168.88.0/24
Dst 10.192.103.0/24
SA Src 10.1.10.11
SA Dst 10.1.10.10
Peer
10.1.10.10
Preshared Key ****
Sha1
aes-256
modo1024
Proposal
sha1
aes-256 cbc
aes-256 ctr
I have added 3 rules to the top of the Firewall Rules, and I show traffic on 50 and 500 on both routers
Accept Input
50 ipsec esp
51 ipsec ah
500 udp
I have added a Nat rule to the TOP of the NAT table
Site A
Accept
srcnat
Src 10.192.103.0/24
Dest 192.168.88.0/24
Site B
Accept
srcnat
Src 192.168.88.0/24
Dst 10.192.103.0/24
I am also flushing the SA's when making changes
I have tried adding and IP/Routes (actually several combinations)
for example from site A
Dst 192.168.88.0/24
Gateway 10.1.10.11
Can anyone tell me what I am missing
Thanks a lot !!