Great vid, thanks! I am trying to establish connectivity between Mikrotik and Pfsense. Tunnel established fine but no traffic is going through the tunnel. From the Mikrotik side traceroute shows that traffic tries to go through the internet and not using the tunnel. Spent days fixing this but can't find what the problem is. Should the src NAT counter go up if I am doing a continuous ping from the Mikrotik to the remote side?
So if I am connecting 2 sites but their internal IP's are the same, do I still need to follow each step but add the same rules with identical IP's added in the rules?
What VPN method would be best for implementing a Virtual Network between a mikrotik and PC for gamming? In terms of performance, what method would best as if all the gamming PC's were on one lan network?
If you have an ARM / ARM64 board that's using ROSv7 then Zerotier is pretty solid to emulate a "LAN VPN" everyone can be on the same subnet and play as if they were directly connected on a switch. Pretty neat and has really decent performance.
Hey bud ! having issues with RouterOS V7 IPSEC tunnel forms but unable to ping across to lan subnets. Nat firewall rule in place to allow lan access across on both ends. But for the love of me I cant get the lans to communicate. Have you had issues with V7 and IPSEC ? Thanks
No issues, no. Although I haven't done many S2S setups on v7 yet. I've tested now and have a working configuration with this: pastebin.com/keBWhQAt Can try and use it, just change IP addresses and names to match your own config. Will probably make a new S2S video soon for v7. Also make sure that the NAT Accept rule is at the very TOP, else this can potentially cause issues as well.
Hello I managed to close the tunnel. I did Nat bypass. But I can't ping between the nets. What may be happening I tested my routers in the Oracle virtual box
Hi Jeronimo, this is because the router's Firewall is taking control of that routing aspect and is doing it on the backend. What you specified to be encrypted it will take those packets and just push them over the IPSEC tunnel.
That NAT rule is just there to "ALLOW" traffic between the networks. Just one of those weird things you do on MikroTik to have IPSEC working. Though I might check if things have changed with any newer versions.
Finally, a Video with ALL the bits and pieces. I was going to make one if no one else did! LOL
This tutorial save my time, resolve problem I mistakenly made yesterday, thank you
Awesome. happy this video could help you!
Awesome tutorial. IPSEC has so many options, and it's always been a mystery to me.
thanks a lot, this helps me figure out how to setup the ipsec tunnel
Glad I could help!
Well done sir. Its a very useful video and easy to learn from it. Thank you very much for the clip
Job well done! explain in detail
One question, It's possible to make the vpn connection with dynamic ip services as no-ip or dyndns?? Thanks in advance!
Same question 🤔?
Yes but we'd need more details to explain options. For example, are both sites dynamic IP or is one static and the other dynamic?
Awesome work. Really helpful. Thanks.
Great tutorial
Thanks bro. God bless you :) 11.59 you save my life:)
Great vid, thanks! I am trying to establish connectivity between Mikrotik and Pfsense. Tunnel established fine but no traffic is going through the tunnel. From the Mikrotik side traceroute shows that traffic tries to go through the internet and not using the tunnel. Spent days fixing this but can't find what the problem is. Should the src NAT counter go up if I am doing a continuous ping from the Mikrotik to the remote side?
So if I am connecting 2 sites but their internal IP's are the same, do I still need to follow each step but add the same rules with identical IP's added in the rules?
hai i have many sites like this but is it possible to do the same thing with pppoe(static ip not a dynamic one) on ether 1 not a static ip
yeah... instant like!!!
Thank you sir, sir please create a video for small wisp using mikrotik.
Hello, can you make a new one with the new version 6.48?
good job
Thanks much!!!
You're welcome!
@@TheNetworkBerg ... I just got a remote office connected to our "main campus" with this. :-)
What VPN method would be best for implementing a Virtual Network between a mikrotik and PC for gamming? In terms of performance, what method would best as if all the gamming PC's were on one lan network?
If you have an ARM / ARM64 board that's using ROSv7 then Zerotier is pretty solid to emulate a "LAN VPN" everyone can be on the same subnet and play as if they were directly connected on a switch. Pretty neat and has really decent performance.
Hi. Is there any way to make S2S ipsec vpn between routers both behind NAT? Any way of RW ipsec to router behind NAT?
I have same question
Hey bud ! having issues with RouterOS V7 IPSEC tunnel forms but unable to ping across to lan subnets. Nat firewall rule in place to allow lan access across on both ends. But for the love of me I cant get the lans to communicate. Have you had issues with V7 and IPSEC ? Thanks
No issues, no. Although I haven't done many S2S setups on v7 yet. I've tested now and have a working configuration with this:
pastebin.com/keBWhQAt
Can try and use it, just change IP addresses and names to match your own config. Will probably make a new S2S video soon for v7. Also make sure that the NAT Accept rule is at the very TOP, else this can potentially cause issues as well.
@@TheNetworkBerg thanks bro ! Will give your config a go! Have a good weekend man
👏👏👏
Hello I managed to close the tunnel. I did Nat bypass. But I can't ping between the nets. What may be happening I tested my routers in the Oracle virtual box
me also
Hi, i want to know is this protocol still in use?
Yes it is still very much widely used especially for things like connecting with Banks.
thank you
You're welcome! There is also a new updated guide I made recently here on v7
ruclips.net/video/uVag_e475zc/видео.html
Why don't I have to create a routing list to have connection between two sites?
Hi Jeronimo, this is because the router's Firewall is taking control of that routing aspect and is doing it on the backend. What you specified to be encrypted it will take those packets and just push them over the IPSEC tunnel.
@@TheNetworkBerg thanks a lot!
dankie dude !
Plesier Geoff!
good video, but i don`t understand how work this firewall nat rule
That NAT rule is just there to "ALLOW" traffic between the networks. Just one of those weird things you do on MikroTik to have IPSEC working. Though I might check if things have changed with any newer versions.
please, update this video to new IPsec version.
I recently made an updated video on IPSEC using ROSv7, you are welcome to check it out here:
ruclips.net/video/uVag_e475zc/видео.html