Hi all,
I am trying to established some vpn tunnels against a Cisco 3000.
The situation is:
MK (public ip) Cisco 3000 (public ip)
(private network-10.1.0.0/16) (private network-20.1.0.0/16)
(private network-20.2.0.0/16)
The tunnel seems to work properly, but when I try to set more policies on MK v3.9 to connect more private networks, it doesn't work. It only works with the first policy.
I've tried removing all installed-sa, rebooting the MK but nothing works. It seems to use a single private network each tunnel.
Does anyone know what I am doing wrong??
Thanks a lot
-
-
plucchetti
newbie
- Posts: 33
- Joined:
Re: VPN agains Cisco 3000
You must create a different policy for each network that you wish to connect, this policies are already created?
One more thing, this scenario in working under NAT?
Pablo
One more thing, this scenario in working under NAT?
Pablo
Re: VPN agains Cisco 3000
I have the same problem.
I have a RB333, with the last RouterOS, and i can´t configure a VPN that work properly with more than one policie.
The VPN is established, and i have SA, but the traffic don´t flow by the VPN. And in the best case, it work only in one way.
I need some help about it, becasue the configuretaion on MT is simple, and it haven´t NAT or Firewall rules.
REGARDS
I have a RB333, with the last RouterOS, and i can´t configure a VPN that work properly with more than one policie.
The VPN is established, and i have SA, but the traffic don´t flow by the VPN. And in the best case, it work only in one way.
I need some help about it, becasue the configuretaion on MT is simple, and it haven´t NAT or Firewall rules.
REGARDS
Re: VPN agains Cisco 3000
Hi All,
who can me show the typical configuration to create tunnel between MK RBD450 and Cisco 3000vpn? On each side of equipment have the networks...
who can me show the typical configuration to create tunnel between MK RBD450 and Cisco 3000vpn? On each side of equipment have the networks...
Re: VPN agains Cisco 3000
This is a known bug, I reported and at least one other person several months ago. I received a response from support saying they were looking in to it and would fix it but 2 to 3 months on and still nothing. The customer we manage RouterOS for is now moving away from RouterOS due to this bug and no fix being issued.
Mikrotik, when are you going to fix this? It is a fairly big and critical bug as I can't believe there are so few that need multiple policies to a single Cisco peer.
Mikrotik, when are you going to fix this? It is a fairly big and critical bug as I can't believe there are so few that need multiple policies to a single Cisco peer.
Re: VPN agains Cisco 3000
I suppose this is about IPSec VPN. Try to set Level of IPSec policy to "unique", this solved my problem with IPSec configuration, transferred from Mikrotik 2.9.51 where I have had two policies and only one working. Level "unique" was not part of version 2.9.X.
Re: VPN agains Cisco 3000
hi dohkoo,
would you please share your config here. i need some reference for ipsec configuration.tq
would you please share your config here. i need some reference for ipsec configuration.tq
Re: VPN agains Cisco 3000
Thanks Tonda - setting the level to 'Unique' fixed the problem.
If only MikroTik had suggested this several months back when I logged a support incident!
If only MikroTik had suggested this several months back when I logged a support incident!
Re: VPN agains Cisco 3000
we are not Cisco guys, some times we can't help you with Cisco config details because we simply don't know them
Who is online
Users browsing this forum: ccaglayan, dragoncartoon and 28 guests