
IP-sec secret (pre-shared key) is too complex L2TP/IPsec

Posted: Sat Jan 12, 2019 1:46 pm
by nitrohydride
Hello everyone,

I'm using L2TP/IPsec for a VPN connection.
I noticed that if I set the IPsec secret (Interface > L2TP Server) too complex, I cannot connect.

Example of a too complicated password:
!@kryobhuR()67

Example of a password which doesn't cause trouble:
abcd123

Which settings do I have to change to use a decent IPsec secret (pre-shared key)?

EDIT:
What is an IPsec peer?

IP > IPsec > Peers?

Best regards,
nitro

Re: IP-sec secret (pre-shared key) is too complex L2TP/IPsec

Posted: Sat Jan 12, 2019 2:48 pm
by mkx
There are characters that might be interpreted as part of a command by one type of device but not by another type of device. In ROS, when using CLI, such special interpretation is given to the double-quote character ("), as it marks the start/end of a character string (it is not always necessary to use them, but it is necessary to use them if the string contains a space, which otherwise means the start of a new command argument). This makes using a double quote as part of a secret a hard task. Another example is the exclamation mark (!), which is used as a negation operator if entered as the first character of an argument (i.e. src-address=!8.8.8.8 means any address but 8.8.8.8). I'm not sure if it is interpreted this way when defining a preshared secret as well.
I imagine that ROS can take quite a complex preshared secret, but some characters might give problems ... perhaps it'd work if you enclosed the secret in double quotes?

Re: IP-sec secret (pre-shared key) is too complex L2TP/IPsec

Posted: Mon May 13, 2024 6:29 pm
by Triforce
( and ) are a problem in your password. And I have tried ; it is also a problem.

Re: IP-sec secret (pre-shared key) is too complex L2TP/IPsec

Posted: Mon May 13, 2024 6:40 pm
by Amm0
( and ) are a problem in your password. And I have tried ; it is also a problem.
Maybe there's a bug here with (). But the question is: is it from winbox or CLI, or both?

winbox shouldn't need any escaping (i.e. it should do that when you click OK for the config). Now at CLI you'd want double-quotes after pre-shared key="(mypsk)". But using CLI, you'd need to then escape stuff like \$ or \\ or \" if $ \ " are part of complex PSK being set.
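
Added example, not part of any post in this thread: a small Python helper that applies the CLI quoting described in the last reply (double quotes around the PSK, with `\`, `"` and `$` backslash-escaped) and checks that it round-trips. The function names are hypothetical, the `/interface l2tp-server server set ipsec-secret=` path is this example's assumption for the "Interface > L2TP Server" setting, and only the three escapes named in the thread are handled.

```python
# Added example: quote a pre-shared key for pasting at the RouterOS CLI.
# Assumption: only the escapes named in the thread (\\, \", \$) are needed
# inside a double-quoted string; everything else is passed through as typed.

ESCAPED = ('\\', '"', '$')


def ros_quote(psk: str) -> str:
    """Return psk as a double-quoted CLI string with \\ " $ backslash-escaped."""
    for ch in psk:
        # Refuse characters that cannot be typed on one CLI line.
        if not ch.isprintable():
            raise ValueError(f"non-printable character {ch!r} in PSK")
    body = "".join("\\" + ch if ch in ESCAPED else ch for ch in psk)
    return '"' + body + '"'


def ros_unquote(quoted: str) -> str:
    """Inverse of ros_quote, used to check the quoting round-trips."""
    if len(quoted) < 2 or quoted[0] != '"' or quoted[-1] != '"':
        raise ValueError("not a double-quoted string")
    out, i, body = [], 0, quoted[1:-1]
    while i < len(body):
        ch = body[i]
        if ch == "\\":
            if i + 1 >= len(body) or body[i + 1] not in ESCAPED:
                raise ValueError("unsupported or dangling escape")
            out.append(body[i + 1])
            i += 2
        elif ch in ('"', '$'):
            raise ValueError(f"unescaped {ch!r} inside quoted string")
        else:
            out.append(ch)
            i += 1
    return "".join(out)


def l2tp_secret_command(psk: str) -> str:
    """Build the line to paste; the menu path is an assumption of this example."""
    return "/interface l2tp-server server set ipsec-secret=" + ros_quote(psk)


if __name__ == "__main__":
    for sample in ("!@kryobhuR()67", 'a"b$c\\d (x;y)'):  # second one constructed
        line = l2tp_secret_command(sample)
        assert ros_unquote(line.split("=", 1)[1]) == sample
        print(line)
```

The quoting only addresses CLI parsing; it does not tell you whether the `(`, `)` and `;` problems reported above come from the CLI, winbox, or the IPsec side.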