If the ipsec is disabled all looks fine.
Code: Select all
[admin@Router1] /ip/ipsec/active-peers> /ppp/active/print
Columns: NAME, SERVICE, CALLER-ID, ADDRESS, UPTIME
# NAME SERVICE CALLER-ID ADDRESS UPTIME
0 user1 l2tp 10.36.6.205 172.16.16.101 29s
Code: Select all
[admin@Router1] /ip/ipsec/active-peers> print
Flags: R - RESPONDER
Columns: STATE, UPTIME, PH2-TOTAL, REMOTE-ADDRESS
# STATE UPTIME PH2-TOTAL REMOTE-ADDRESS
;;; l2tp-in-server
0 R established 22s 1 10.36.6.205
[admin@Router1] /ip/ipsec/active-peers> print
Any idea why?
Server side config:
Code: Select all
/ip ipsec profile
set [ find default=yes ] dh-group=modp2048 enc-algorithm=aes-256
/ppp profile
add change-tcp-mss=yes local-address=172.16.16.1 name=HQ-R1 remote-address=172.16.16.101 use-encryption=yes
add change-tcp-mss=yes local-address=172.16.16.2 name=HQ-R2 remote-address=172.16.16.102 use-encryption=yes
/interface l2tp-server server
set authentication=mschap2 enabled=yes ipsec-secret=*SECRET* one-session-per-host=yes use-ipsec=yes
/ppp secret
add name=user1 password=*pw* profile=HQ-R1 service=l2tp
add name=user2 password=-pw* profile=HQ-R2 service=l2tp
Code: Select all
/ip ipsec profile
set [ find default=yes ] dh-group=modp2048 enc-algorithm=aes-256
/ppp profile
add change-tcp-mss=yes local-address=172.16.16.101 name=R1-HQ remote-address=172.16.16.1 use-encryption=yes
/interface l2tp-client
add allow=mschap2 connect-to=10.36.6.204 disabled=no ipsec-secret=*SECRET* name=R1-HQ-l2tp password=*pw* profile=R1-HQ use-ipsec=yes user=user1
[/code]