Sometimes , but more frequently, I find my Mikrotik to Mikrotik gre/ipsec tunnel down and it comes up again very hardly....
Both routerboard are behind ISP router NAT in what they called DMZ , or "exposed hosts" , prctically all public ip incoming traffic (ports and protocols) is forwarded to a single LAN ip address (the routerboard machine one).
The initiator RB says "phase1 negotiation failed due to time up <initiator_ip_address>[4500]<=><responder_ip_address>[4500]"
The responder RB says "the packet is retransmitted by <initiator_ip_address>[4500]"
Rebooting both RB doesn't help
ISP router issue ?
Question : on GRE tunnel config, what should I specify in "Local Address" ?? The RB "wan" address facing ISP router (actual working setting) or the public ISP router ip address facing internet ?
Thank you.
Both routerboard are behind ISP router NAT in what they called DMZ , or "exposed hosts" , prctically all public ip incoming traffic (ports and protocols) is forwarded to a single LAN ip address (the routerboard machine one).
The initiator RB says "phase1 negotiation failed due to time up <initiator_ip_address>[4500]<=><responder_ip_address>[4500]"
The responder RB says "the packet is retransmitted by <initiator_ip_address>[4500]"
Rebooting both RB doesn't help
ISP router issue ?
Question : on GRE tunnel config, what should I specify in "Local Address" ?? The RB "wan" address facing ISP router (actual working setting) or the public ISP router ip address facing internet ?
Thank you.
Statistics: Posted by OKNET — Tue Mar 26, 2024 8:30 pm