Answer the question
In order to leave comments, you need to log in
T
T
tarelko2017-11-15 16:30:21
tarelko, 2017-11-15 16:30:21
Routing in IPSec Mikrotik tunnel?
Good afternoon! And because of the fragmentation, it was not possible to make Kerio friends with MT. Maybe due to the fact that kerio is behind nat. Anyway.
I created a tunnel through Mikrotik and, accordingly, I see the networks behind them. But I do not see the network behind the Kerio proxy gateway, which is on the same network.
Topology
192.168.88.0/24 - ipsec - 192.168.1.0/24 - 192.168.1.2 Kerio Gateway - 192.168.2.0/24
Rules ip firewall nat add chain=srcnat dst-address=192.168.88.0/24 src-address=192.168.2.0 / 24 and on the other hand, on the contrary, alas, they do not help.
I found a way out in the ip tunnel with ipsec - set up routes - everything works, but somehow it's crooked - it wants to work, it wants not.
Is there a solution through ipsec tunnel?
1 answer(s)
@tarelko
V
Viktor Belsky, 2017-11-15 @tarelko
Raise GRE over IPSec between Mikrotiks and then you can specify routes normally and fasten dynamic routing (this is optional).
Then add a route to the network 192.168.2.0/24 on the first Mikrotik through the second Mikrotik, and on the second one add a route through Kerio, well, mask this traffic so that Kerio sends answers back correctly (or add a route to the network 192.168.88.0/24 on Kerio through the second mtik)
Similar questions
O
D
N
M
V
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question