Ошибки которые в журнале Mikrotik:
Код: Выделить всё
22:26:30 ipsec no template matches
22:26:30 ipsec failed to get proposal for responder.
22:26:30 ipsec,error x.x.x.x failed to pre-process ph2 packet.
Код: Выделить всё
Fatal NO-PROPOSAL-CHOSEN notify message, Phase 1 should be deleted
Код: Выделить всё
interface l2tp-server server print
enabled: yes
max-mtu: 1450
max-mru: 1450
mrru: disabled
authentication: mschap2
keepalive-timeout: 30
max-sessions: unlimited
default-profile: l2tp_profile
use-ipsec: yes
ipsec-secret: xxxxxxx
caller-id-type: number
one-session-per-host: no
allow-fast-path: no
Код: Выделить всё
ppp profile print
name="l2tp_profile" local-address=196.168.6.1 remote-address=dhcp bridge-learning=default use-mpls=default use-compression=default
use-encryption=default only-one=default change-tcp-mss=default use-upnp=default address-list="" dns-server=192.168.6.1,192.168.6.11 on-up=""
on-down=""
Код: Выделить всё
ip ipsec peer
DR name="l2tp-in-server" passive=yes profile=default exchange-mode=main send-initial-contact=yes
ip ipsec peer
0 * name="default" auth-algorithms=md5 enc-algorithms=aes-256-cbc,aes-192-cbc,aes-128-cbc lifetime=8h pfs-group=modp1024
ip ipsec profile print
0 * name="default" hash-algorithm=md5 enc-algorithm=aes-256,aes-128 dh-group=modp1024 lifetime=1d proposal-check=obey nat-traversal=yes
dpd-interval=disable-dpd
Пробовал с wiki рекомендации для iOS, не помогло:
Код: Выделить всё
/ip ipsec proposal
set default enc-algorithms=aes-128-cbc,aes-256-cbc lifetime=8h \
pfs-group=none