Hello,
I am trying to set up a site-to-site VPN between two MikroTik routers:
- Router A: CRS354 and
- Router B: hAP ax^2 with ROS v7.16.1
First I tried L2TP, then OpenVPN, and it no longer works since v7; some forums advise using WireGuard.
WireGuard works great on a custom port like UDP 12345, but I have a problem: even after removing the OpenVPN and L2TP configurations on both sides, I see UDP 4500 connections in /ip/firewall/connection/print that persist.
>/ip/firewall/connection/print detail
5 C protocol=udp src-address="wan_address_B:4500 dst-address=public_address_A:4500 reply-src-address=public_address_A:4500 reply-dst-address=wan_address_B:4500 timeout=0s
orig-packets=4 orig-bytes=1,408 orig-fasttrack-packets=0 orig-fasttrack-bytes=0 repl-packets=0 repl-bytes=0 repl-fasttrack-packets=0 repl-fasttrack-bytes=0
orig-rate=0bps repl-rate=0bps
On the other router, A, there is the same thing reversed.
When I modify the firewall rules like this:
On A 'input' udp 4500 action=drop
On B 'output' udp 4500 action=drop
The UDP 4500 connections no longer appear, but the counters on the rules still increase!
I deduce that the connections are only in the direction B to A.
How can I identify the processes that use this port?
How can I disable the use of this UDP 4500 port?
Thank you very much