marktomlinson
newbie
Topic Author
Posts: 35
Joined: Wed Aug 03, 2016 12:22 pm

IPSec Tunnel Issue

Wed Aug 03, 2016 12:37 pm

Hi Guys

This is my first post here and we are still fairly new to MikroTik, though are loving every minute with over 40 devices deployed now!!

We are encountering a very strange issue this morning, whereby an IPSec tunnel between our datacentre and a remote site is established and passing traffic with the exception of HTTP. The router at the remote site is running v6.34.3 (stable) and is connecting back to a CloudCore in the datacentre.

Where it gets strange - we have another site, running the same router, version and configuration, and all works perfectly.
I can SSH from the datacentre to the remote MikroTik, and I can ping from the datacentre to the remote MikroTik and network, but I cannot access the HTTP interface of the MikroTik or any other node on the remote network. I can, however, RDP (3389) and browse the remote file system... it's fair to say I am a little confused.

Note - I have checked the route service on port 80 is not locked down to an address range and have even tried an open firewall rule, still nothing on HTTP.

Any thoughts or suggestions would be much appreciated :)

Mark
 
marktomlinson

Re: IPSec Tunnel Issue

Wed Aug 03, 2016 4:37 pm

**Resolved**

Just thought I would post this up in case anyone else is having the same issues.

My issue turned out to be related to MTU over the IPSec link and resolved with a little bit of Mangle as below, set on both ends of the tunnel:

```
ip firewall mangle > add chain=forward action=change-mss new-mss=1350 passthrough=yes tcp-flags=syn protocol=tcp src-address=10.44.3.0/24 dst-address=10.10.22.0/24 tcp-mss=!0-1350
```
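
Added example, not part of the original post: a small calculator for ESP tunnel-mode overhead that shows why a full-size TCP segment no longer fits the path once encapsulated, and why a clamp of 1350 does. The thread does not state the IPsec proposal or the path MTU, so the cipher parameters (AES-CBC or 3DES with HMAC-SHA1-96), IPv4 headers without options, and the 1500/1492-byte path MTUs are assumptions, and the code generalizes beyond this one tunnel.

```python
# Added example: ESP tunnel-mode size arithmetic. Cipher parameters are
# assumptions; the thread does not state the IPsec proposal in use.
from dataclasses import dataclass

OUTER_IP = 20      # outer IPv4 header, no options
ESP_HEADER = 8     # SPI + sequence number
ESP_TRAILER = 2    # pad-length + next-header bytes (encrypted)
NAT_T_UDP = 8      # UDP encapsulation when NAT traversal is active
TCP_IP = 40        # inner IPv4 + TCP headers, no options


@dataclass(frozen=True)
class Proposal:
    iv: int      # per-packet IV bytes
    block: int   # cipher block size; ciphertext is padded to a multiple
    icv: int     # truncated integrity check value bytes


AES_CBC_SHA1 = Proposal(iv=16, block=16, icv=12)   # assumed proposal
TDES_SHA1 = Proposal(iv=8, block=8, icv=12)        # assumed alternative


def esp_size(inner_len: int, p: Proposal, nat_t: bool = False) -> int:
    """On-wire size of the ESP packet carrying an inner IP packet."""
    padded = -(-(inner_len + ESP_TRAILER) // p.block) * p.block  # round up
    return OUTER_IP + (NAT_T_UDP if nat_t else 0) + ESP_HEADER + p.iv + padded + p.icv


def max_mss(path_mtu: int, p: Proposal, nat_t: bool = False) -> int:
    """Largest TCP MSS whose full-size segment fits path_mtu unfragmented."""
    room = path_mtu - OUTER_IP - (NAT_T_UDP if nat_t else 0) - ESP_HEADER - p.iv - p.icv
    return (room // p.block) * p.block - ESP_TRAILER - TCP_IP


def fits(mss: int, path_mtu: int, p: Proposal, nat_t: bool = False) -> bool:
    """True if a full segment at this MSS crosses the path without fragmenting."""
    return esp_size(mss + TCP_IP, p, nat_t) <= path_mtu


if __name__ == "__main__":
    # Constructed scenarios: plain Ethernet underlay, and PPPoE with NAT-T.
    for name, mtu, nat in [("ethernet", 1500, False), ("PPPoE + NAT-T", 1492, True)]:
        print(f"{name}: max MSS {max_mss(mtu, AES_CBC_SHA1, nat)}, "
              f"MSS 1460 -> {esp_size(1500, AES_CBC_SHA1, nat)} bytes on the wire, "
              f"MSS 1350 fits: {fits(1350, mtu, AES_CBC_SHA1, nat)}")
```

Small packets such as an 84-byte ping stay far below the limit under these assumptions, which is why reachability tests can pass while bulk TCP transfers stall.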