Hi all,

I want to make a secure balanced fail safe link between two Mikrotiks.

Each one has two xDSL connections and a LAN behind.

As I have read in the wiki and forum, it can be done using bonding over EoIP throght a PPTP or IPSEC. More or less the PPTP procedure is clear for me. You setup the two PPTP connections and create a bonding interface linking both interfaces.

The problems come with IPSEC. How about the policies?. I setup the both Peers in each router, but whats happend with the policies to apply this IPSEC tunnels? I suppouse the policies must contain the access to each LAN behind the router.

In this case, I will have to IPSEC politics pointing the same LAN policies. Is this correct? do that work? If this option is possible here is another question.... I create a EoIP over the two ethernet linking via IPSEC? and then a bonding between them? and how about the routes? becouse the bonding has a IP and How must I set up the routes to link both LANs throught the IPSEC o throught the Bonding IPs? if I setup this over the IPSEC the bonding will not be effective and if I setup the routes over the bonding IPs the IPSEC politics will not apply....

Please someone that has setup a similar configuration could light up my mind?

Greetings

You don't have to set ipsec policies for local networks if the goal is to create eoip tunnels over ipsec tunel.
You have to create ipsec policy with transport mode enabled.