I have some problems finding tutorials for making this configuration.
My router is a mikrotik 1100dude and I want to connec as client to a ipsec secure gateway
The remote router is a CISCO ASA and the tunnel should be encripted with certificates.
I have the file certificate.p7b correctly imported in my mikrotik 1100, what created me three items under system/certificates, one marked as KLT and the other two as LT
Now I tryed to configure the ipsec peer unde IPsec/peers/new, in auth method I choose "rsa signature", now which certificate is the "remote certificate"?
Also which exchange mode I should use?
I have the following info from the remote peer:
IKE version: IKEv1
Auth method: certificate
DF group: 5
Life duration: 86400 sec
I know where to correctly use all of this settings but don't know where to put this configuration also supplied by the remote peer:
IPSEC SA(phase 2)
Encryption Alg: AES-256
Hash algorithm: SHA-1
Life duration: 28800sec
Bytes limit: 4608000kbytes
CNT IP plan: 220.127.116.11/28
Remote IP plan: 18.104.22.168/30
Please help me with the next steps as I can't find any tutorial about it.