Community discussions

MikroTik App
 
harleydit
just joined
Topic Author
Posts: 3
Joined: Mon Sep 26, 2022 7:19 pm

IPSec Tunnel between Mikrotik and Fortinet not sending traffic

Mon Sep 26, 2022 7:46 pm

Hi !
I'm having a problem that you may help me solve, I really hope so !

I've on Side A a Mikrotik 750GR3 (will upgrade to 4011 later on this year) and on Side B a Fortinet (don't know the model as it's a vendor's network and I do not have access to it).

I was asked to perform an IPSEC VPN TUNNEL. After some days I managed to establish the tunnel but now I'm facing a problem with packet flow.

On the IPSec policy I've configured a source address (/30) they provided and that IP is different from my actual LAN subnet.

I configured this rule in IP Firewall NAT (position 0):
add action=netmap chain=srcnat dst-address=IPSecPolicyDSTAddress src-address=\
LANSEGMENT/24 to-addresses=IPSecPolicySRCAddress

With that NAT srcnat rule configured I managed to ping from inside my LAN to my ipsec policy dst address (/24 IP) and packets are being sent through IPSEC Tunnel (Outgoing SA packet count increases), but Incoming SA is still at zero.

I think I'm missing something important... very important... but can't figure out what...

Thanks!
 
harleydit
just joined
Topic Author
Posts: 3
Joined: Mon Sep 26, 2022 7:19 pm

Re: IPSec Tunnel between Mikrotik and Fortinet not sending traffic

Thu Oct 27, 2022 1:05 am

Hi guys! I'm still testing things here, recently added some input and forward rules for destination LAN but still no luck. Any clues? I'd appreciate it.
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: IPSec Tunnel between Mikrotik and Fortinet not sending traffic

Thu Oct 27, 2022 5:28 am

So "managed to ping" means that packets went to tunnel and that was it, no responses were coming back? If that's the case, then it seems that ball is in other party's court, you should ask if they see anything from you and if something from them is going back to you.
 
harleydit
just joined
Topic Author
Posts: 3
Joined: Mon Sep 26, 2022 7:19 pm

Re: IPSec Tunnel between Mikrotik and Fortinet not sending traffic

Thu Oct 27, 2022 7:16 pm

Hi Sob! Hi everyone. Mistery solved, as you said, ball was on the other party. It's working!
Thanks a lot.
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: IPSec Tunnel between Mikrotik and Fortinet not sending traffic

Thu Oct 27, 2022 8:37 pm

Good. But I would definitely have asked them sooner. :D

Who is online

Users browsing this forum: gigabyte091, Greyhard, itsbenlol, lurker888 and 90 guests