porli
just joined
Topic Author
Posts: 5
Joined: Mon Jun 22, 2015 2:00 pm

IPsec mobile client, replacing pfsense

Mon Aug 17, 2015 10:15 pm

Hey Guys,

I have just replaced a pfSense with a new MikroTik (pfSense stopped after a blizzard).
So I am trying to set up the same IPsec connection for mobile clients, because all the mobile clients are already configured and it would be nice not to reconfigure every mobile client.

But... I didn't get it to work.

First of all, I'm very new to MikroTik and also no IPsec professional. ;) So please be patient.

Mobile clients are configured as follows:
-----------------
user1 password1
user2 password2
ext. IP: 112.91.83.xx
Pre-Shared Key: mybesthidedsecret
Peer identifier (user distinguished name): vpn@customer.local
-----------------
MikroTik RB2011 running 6.31:

vpn pool: 192.168.99.10-192.168.99.35
Proposal: sha1, aes-128, aes256, lifetime: 08:00:00, pfs Group: none

IPsec Peer:
Address: 0.0.0.0/0
Local Address: 192.168.99.1
Auth Method: pre shared key xauth
secret: mybesthidedsecret
xauth Login: user1
Xauth Password: password1
exchange Mode: Main
Nat Traversal: checked
MY ID: Auto
Proposal Check: obey
Hash: sha1
Mode Config: vpn users
DH Group: modp 1024
Generate Policy: port override

Mode Configs:
Name: vpn users
Address: vpn Pool
Split Include: 192.168.0.0/24, 192.168.99.0/24
send dns: checked

Policy:
Src Address: 0.0.0.0
Dst. Address: 192.168.0.0/24
Template: checked
Group: default
Action: encrypt
Level: require
esp
SA Src Address: 0.0.0.0
SA Dst. Address: 112.91.83.xx

And firewall rules for ports 500, 4500.

What did I forget?