Community discussions

MikroTik App
 
kaa52
just joined
Topic Author
Posts: 3
Joined: Tue Nov 15, 2022 3:36 pm

Cannot exclude L2TP/IPSEC from fasttrack with mangle

Tue Nov 15, 2022 3:42 pm

Hello,

I have HeX s router and VPN connection via L2TP/IPSec. I faced with low performance because of fasttrack. (Perfomance is good if FT is disabled). I created two mange rules to mark connections ipsec in/out and added exclusion to fasttrack rule. But it didn't help me: performance is bad. I switched on logging in mangle rule and noticed, that there are log records only for another tunnel - IPSEC/GRE, so mangle doesn't mark L2TP/IPSEC. Please, tell me what can be wrong? Thank you.
 
kaa52
just joined
Topic Author
Posts: 3
Joined: Tue Nov 15, 2022 3:36 pm

Re: Cannot exclude L2TP/IPSEC from fasttrack with mangle

Tue Nov 15, 2022 11:15 pm

Problem was solved. L2TP/ipsec uses transport mode and ipsec_policy in mangle rule in:ipsec is wrong for it, I used instead in:none out:none and all works great now.
 
kaa52
just joined
Topic Author
Posts: 3
Joined: Tue Nov 15, 2022 3:36 pm

Re: Cannot exclude L2TP/IPSEC from fasttrack with mangle

Wed Nov 16, 2022 6:04 am

It doesn't solve problem: with ipsec none all connection are marked ipsec, so fasttrack doesn't work. So, if somebody know solution, please, help me to fix this. Thank you in advance.

Who is online

Users browsing this forum: Bing [Bot], GoogleOther [Bot], ItchyAnkle, menyarito and 100 guests