Mikrotik
alex_dredd, 2014-03-19 12:20:55

How to set up Cisco IPSec on Mikrotik?

There is a task: to set up a VPN server on Mikrotik, to which employees of the company will connect from the outside and have access to the terminal and mail servers. They will do this from Windows machines, as well as iOS devices.
Of the options (PPTP, L2TP + IPSec, OpenVPN), we chose the second one for the following reasons:
1. PPTP is vulnerable due to the MS-CHAPv2 authorization protocol.
2. OpenVPN does not have native clients for any of the OSes on which this VPN connection will be used.
We set up an L2TP server with IPSec. Clients connect. Everything is fine. But there is one BUT: in the iPhone settings, we specify all the settings for connecting to the server in the L2TP section, and for this section there are no "Connect on demand" parameters. That is, if you lock the phone for 5 minutes, the VPN connection is disconnected, and after unlocking the phone you need to go to the settings and force the VPN to turn on. In addition, naturally, when the phone is locked, mail does not arrive, since it must be received through the VPN channel.
We began to dig towards a solution to this problem. We found that the "Connect on demand" parameters can be set using configuration files for iOS. But they only work when using the so-called Cisco IPSec.
Googling hasn't yielded any clear results. There is constantly info about building tunnels between Mikrotik and Cisco, where Mikrotik acts as a client.
Actually, the question is: has anyone managed to set up such a connection on Mikrotik? If so, how?
P.S. Software versions: RouterOS 6.11 (tile), iOS 7.1

3 answer(s)
Sergey, 2014-03-19
@edinorog

I'm afraid that the tambourine will not help here. =) This "feature" in iPhones appeared due to attacks by patent trolls. And besides Cisco equipment, there is nothing to catch here.
Better tell me where you got RouterOS 6.11, because I can't find where the betas are.

nimbo, 2014-03-19
@nimbo

Stop! 1) There is definitely a native OpenVPN under Windows, because I did it for myself))
used the iPad for a month and handed it back for fu;
3) the security and all-permeability of OpenVPN are a little higher, and its resistance to any EDGE connections is higher than that of L2TP; plus it has a keep-alive parameter just so as not to break the connection.

Amurchikus, 2014-09-17
@Amurchikus

In principle, I don't see any problems with the tunnel settings between Cisco and Mikrotik, since the same articles are on Habrahabr itself or on the official website. You can also follow this link: so4net.com/index.php/ru/blog/114-ipsec-cisco-microtik, a very vivid example of setting up an IPsec tunnel between a Cisco router and Mikrotik.
