MikroTik

Posted: **Tue Apr 27, 2021 11:21 am**

Hello to everyone. I have the obligation to mention that I am inexperienced in Mikrotik products.

Can anyone try to connect through IPsec VPN Mikrotik Routerboard hEX router to TP-LINK TL-R605 omada router. I will give a try for this. If anyone has more info about it, could you please support us! Thanks

Here is my topology

Here is my configuration of TL-LINK TL-R605

*on remote gateway I set the public IP address of network 2

Here is my configuration of Mikrotik

on address I set the public IP address of network 1

Posted: **Thu Apr 29, 2021 2:41 pm**

I make some changes:
Mikrotik Configurations

TP-LINK Configuration

I see in some video tutorials for mikrotik that phase 1 is configuration of profiles and phase 2 is proposals.
Also as you can see for tplink configuration i convert lifetime in seconds
08:00:00 is 28800 seconds
1d is 86400 seconds
And VPN dont WORK. Any advice??
Thanks a lot in advance

Posted: **Wed May 05, 2021 3:18 pm**

Any advice someone?????

Posted: **Wed May 05, 2021 3:24 pm**

I'm sorry I can't help you,
but I wanted to thank you because you are one of the few people who put up a chart to make people understand the problem.

I hope someone who knows TP-Link can help you.

Thank you.

Posted: **Sat Jul 31, 2021 1:43 am**

I, too, have been unable to make this work between a TL-R605 and an RB4011 running ROSv6.46. The Mikrotik router tries to establish a Phase 2 tunnel but never receives a reply from the TP-Link.
This Omada stuff seems to be very early stage right now.

Posted: **Mon Aug 02, 2021 12:25 pm**

Got it to work for my setup where the Omada device is on a static IP and the Mikrotik RB4011 is on a dynamic IP, initiating the IPSec tunnel from it's side.

TL-R605 Firmware: 1.1.0
RB4011 Firmware: 6.49beta46

Here are my settings:
Mikrotik side:

/ip ipsec profile
add dh-group=ecp521 enc-algorithm=aes-256 lifetime=8h name=omada
/ip ipsec peer
add address=<static WAN IP of Omada Device> exchange-mode=ike2 name=omada profile=omada
/ip ipsec proposal
add enc-algorithms=aes-256-cbc lifetime=8h name=omada pfs-group=modp1536
/ip ipsec identity
add my-id=fqdn:remote.example.com peer=omada secret=<your PSK>
/ip ipsec policy
add dst-address=192.168.0.0/24 peer=omada proposal=omada src-address=10.0.0.0/24 tunnel=yes

Omada Settings:

omada_mikrotik_vpn_settings.png

Posted: **Thu Nov 03, 2022 9:21 pm**

Got it to work for my setup where the Omada device is on a static IP and the Mikrotik RB4011 is on a dynamic IP, initiating the IPSec tunnel from it's side.

TL-R605 Firmware: 1.1.0
RB4011 Firmware: 6.49beta46

Here are my settings:
Mikrotik side:
Code: Select all
/ip ipsec profile
add dh-group=ecp521 enc-algorithm=aes-256 lifetime=8h name=omada
/ip ipsec peer
add address=<static WAN IP of Omada Device> exchange-mode=ike2 name=omada profile=omada
/ip ipsec proposal
add enc-algorithms=aes-256-cbc lifetime=8h name=omada pfs-group=modp1536
/ip ipsec identity
add my-id=fqdn:remote.example.com peer=omada secret=<your PSK>
/ip ipsec policy
add dst-address=192.168.0.0/24 peer=omada proposal=omada src-address=10.0.0.0/24 tunnel=yes
Omada Settings:
omada_mikrotik_vpn_settings.png

Hi,
Would it be possible to share further details about firewall/port forwarding configuration on both ends? Thanks in advance

MikroTik

Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada

Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada

Re: Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada

Re: Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada

Re: Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada

Re: Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada

Re: Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada

Re: Can we connect through ipsec VPN Mikrotik RouterBoard hEX to TP-LINK TL-R605 omada