Dear all,
I need your help to forward IPsec traffic through my Mikrotik network.
My scenario is like this: I have a small ISP consisting of one Mikrotik router as EDG, another as FW, and also one PoP.
Now I have one client who needs to connect to his HQ in a foreign country.
On all Mikrotik routers I allow the IPsec tunnel to pass with these commands:
/ip firewall filter
add action=accept chain=forward dst-address=\
102.219.207.180/30 ipsec-policy=in,ipsec protocol=\
ipsec-esp
add action=accept chain=input dst-address=102.219.207.180/30 \
ipsec-policy=in,ipsec protocol=ipsec-esp
add action=accept chain=input dst-address=102.219.207.180/30 \
ipsec-policy=in,ipsec protocol=ipsec-ah
add action=accept chain=forward dst-address=\
102.219.207.180/30 ipsec-policy=in,ipsec protocol=\
ipsec-ah
add action=accept chain=forward dst-address=102.219.207.182 \
dst-port=500,1701,4500,4501 in-interface=sfp-plus1 \
ipsec-policy=in,ipsec protocol=udp
add action=accept chain=forward dst-address=102.219.207.182 \
dst-port=500,1701,4500,4501 in-interface=sfp-plus1 \
ipsec-policy=in,ipsec protocol=tcp
add action=accept chain=input dst-address=102.219.207.182 \
dst-port=500,4500,4501,1701 in-interface=sfp-plus1 \
ipsec-policy=in,ipsec protocol=udp src-port=""
Please advise us if I missed any configuration, because the IPsec traffic still can't go through my network.
BR
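
An added example, not part of the original post: one way to write the forward-chain rules on a router that only carries the client's tunnel in transit. It assumes the tunnel terminates on the client's own device inside 102.219.207.180/30, that these rules sit above any drop rule in the forward chain, and that only IKE, NAT-T and ESP are needed; the rule comments are illustrative.

```routeros
/ip firewall filter
# Assumption: this router does not terminate the tunnel. The ipsec-policy
# matcher reflects IPsec policies applied by the router itself, so
# "ipsec-policy=in,ipsec" does not match ESP or IKE packets that are merely
# routed through. The transit rules below therefore omit it.

# Replies for flows that were already accepted in either direction
add action=accept chain=forward connection-state=established,related \
    comment="transit: established/related"

# IKE (UDP 500) and NAT-T (UDP 4500), towards and from the client subnet
add action=accept chain=forward dst-address=102.219.207.180/30 \
    protocol=udp dst-port=500,4500 comment="transit: IKE/NAT-T to client"
add action=accept chain=forward src-address=102.219.207.180/30 \
    protocol=udp dst-port=500,4500 comment="transit: IKE/NAT-T from client"

# ESP (IP protocol 50), towards and from the client subnet
add action=accept chain=forward dst-address=102.219.207.180/30 \
    protocol=ipsec-esp comment="transit: ESP to client"
add action=accept chain=forward src-address=102.219.207.180/30 \
    protocol=ipsec-esp comment="transit: ESP from client"
```

The chain=input rules in the post apply only to traffic addressed to the router itself, so they do not affect a tunnel that passes through it.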