I'm trying to setup a vpn to Oracle cloud .
but I jsut can't seem to understadn the setting I need to do in the Mikrotik
this is what Oracle is using on their side:
Code: Select all
SAKMP Protocol version 1
Exchange type: Main mode
Authentication method: pre-shared-keys
Encryption: AES-256-cbc, AES-192-cbc, AES-128-cbc
Authentication algorithm: SHA-384, SHA-256, SHA1 (also called SHA or SHA1-96)
Diffie-Hellman group: group 5, group 2, group 1
IKE session key lifetime: 28800 seconds (8 hours)
Code: Select all
IPSec protocol: ESP, tunnel-mode
Encryption: AES-256-cbc, AES-192-cbc, AES-128-cbc
Authentication algorithm: HMAC-SHA1-96
IPSec session key lifetime: 3600 seconds (1 hour)
Perfect Forward Secrecy (PFS): enabled, group 5
If I remember correct
phase1 is the peer
phase2 is the proposel
?
this is what I have in Mikrotik
Code: Select all
/ip ipsec proposal
set [ find default=yes ] lifetime=1h pfs-group=modp1536
/ip ipsec peer
add address=RemotePublicIP/32 dh-group=modp1536,modp1024,modp768 enc-algorithm=aes-256,aes-192,aes-128,blowfish,des lifetime=8h secret=*************************
and also I get error "failed to pre-process ph2 packet."
in the cloud side I see IPSec is down
Thanks ,