MikroTik IPSEC VPN Quick setup A, B & C

A) Policy

/ip ipsec policy add action=encrypt disable=no dst-address=10.0.10.0/8 dst-port=any group=default ipsec-protocol=esp level=required proposal=fritzbox sa-dst-address=1.2.3.4 sa-src-address=4.3.2.1 src-address=10.0.20.0/8 src-port=any template=yes tunnel=yes

B) Peer

/ip ipsec peer add address=1.2.3.4 auth-method=pre-shared-key dh-group=modp1024 disabled=no enc-algorithm=aes-256 exchange-mode=aggressive generate-policy=no hash-algorithm=sha1 port=500 proposal-check=obey secret="[supersecretkey]" send-initial-contact=no

C) Proposal

/ip ipsec proposal add auth-algorithms=sha1 disabled=no enc-algorithms=3des lifetime=30m name="fritzbox" pfs-group=modp1024

aniston has written 44 articles

One thought on “MikroTik IPSEC VPN Quick setup A, B & C

Comments are closed.