IPSEC VPN On Mikrotik


I need to do an IP SEC von between my site and the isp provider. The provider offer me a user and pass for authentication and the ip where i connect to. i have the ip sec on an old RV042 router that seems is the only one that has this keep alive feature. Can somedy tell me how to do step by step the ip sec on miktrotik as all help found here and there is rather confusing if you move from those simple interface rv routers to the mikrotik. on cisco is a single page, ipm user, pass amd that is all. on mikrotik seems like a long process
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JohnBusiness Consultant (Owner)Commented:
Here is a site to site example for Microtik. I use Cisco, not Microtik.


You need IP setups, Phase 1, Phase 2, Preshared Key, Main Mode, PFS OFF, Keep alive (may be optional) and possibly NAT Traversal. All the above is available for a Cisco RV042 site to site box.

If you have an RV042 with an operation tunnel, pull it up, document all the settings, especially in the Advanced Section at the bottom.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ChrisKartsAuthor Commented:
thank you for this. i tried and seems for some reason did not work. I would like to ask though the keep alive is not on on those mikrotik will auto detect traffic and open?
ChrisKartsAuthor Commented:
will also mikrotik allow me to have an add on vpn for me for support purposes while connected already as IP sec?
JohnBusiness Consultant (Owner)Commented:
Keep Alive (on my box) does not prevent connection. It is good for keeping a connection solidly up.

If by "add on VPN" you mean another tunnel, it might. My box can support 50 tunnels.

Turn on logging on both ends, try to make a connection and see what does not work. If you do this, please post the first error message and not just the whole log.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Internet Protocol Security

From novice to tech pro — start learning today.