Настраивал и по этому примеру http://zyxel.ru/kb/1981 и по этому http://gregsowell.com/?p=787
В логе вот это:
15:06:10 ipsec,debug,packet ===
15:06:10 ipsec,debug initiate new phase 1 negotiation: 188.128.97.162[500]<=>46.227.26.169[500]
15:06:10 ipsec,debug begin Identity Protection mode.
15:06:10 ipsec,debug,packet new cookie:
15:06:10 ipsec,debug,packet 70e9b6a072843932
15:06:10 ipsec,debug,packet add payload of len 52, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 0
15:06:10 ipsec,debug,packet 344 bytes from 188.128.97.162[500] to 46.227.26.169[500]
15:06:10 ipsec,debug,packet sockname 188.128.97.162[500]
15:06:10 ipsec,debug,packet send packet from 188.128.97.162[500]
15:06:10 ipsec,debug,packet send packet to 46.227.26.169[500]
15:06:10 ipsec,debug,packet src4 188.128.97.162[500]
15:06:10 ipsec,debug,packet dst4 46.227.26.169[500]
15:06:10 ipsec,debug,packet 1 times of 344 bytes message will be sent to 46.227.26.169[500]
15:06:10 ipsec,debug,packet 70e9b6a0 72843932 00000000 00000000 01100200 00000000 00000158 0d000038
15:06:10 ipsec,debug,packet 00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 000c0004
15:06:10 ipsec,debug,packet 00015180 80010001 80030001 80020002 80040001 0d000014 4a131c81 07035845
15:06:10 ipsec,debug,packet 5c5728f2 0e95452f 0d000014 8f8d8382 6d246b6f c7a8a6a4 28c11de8 0d000014
15:06:10 ipsec,debug,packet 439b59f8 ba676c4c 7737ae22 eab8f582 0d000014 4d1e0e13 6deafa34 c4f3ea9f
15:06:10 ipsec,debug,packet 02ec7285 0d000014 80d0bb3d ef54565e e84645d4 c85ce3ee 0d000014 9909b64e
15:06:10 ipsec,debug,packet ed937c65 73de52ac e952fa6b 0d000014 7d9419a6 5310ca6f 2c179d92 15529d56
15:06:10 ipsec,debug,packet 0d000014 cd604643 35df21f8 7cfdb2fc 68b6a448 0d000014 90cb8091 3ebb696e
15:06:10 ipsec,debug,packet 086381b5 ec427b1f 0d000014 16f6ca16 e4a4066d 83821a0f 0aeaa862 0d000014
15:06:10 ipsec,debug,packet 4485152d 18b6bbcd 0be8a846 9579ddcc 0d000014 12f5f28c 457168a9 702d9fe2
15:06:10 ipsec,debug,packet 74cc0100 00000014 afcad713 68a1f1c9 6b8696fc 77570100
15:06:10 ipsec,debug,packet resend phase1 packet 70e9b6a072843932:0000000000000000
15:06:10 ipsec,debug initiate new phase 1 negotiation: 188.128.97.162[500]<=>46.227.26.169[500]
15:06:10 ipsec,debug begin Identity Protection mode.
15:06:10 ipsec,debug,packet new cookie:
15:06:10 ipsec,debug,packet 70e9b6a072843932
15:06:10 ipsec,debug,packet add payload of len 52, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 13
15:06:10 ipsec,debug,packet add payload of len 16, next type 0
15:06:10 ipsec,debug,packet 344 bytes from 188.128.97.162[500] to 46.227.26.169[500]
15:06:10 ipsec,debug,packet sockname 188.128.97.162[500]
15:06:10 ipsec,debug,packet send packet from 188.128.97.162[500]
15:06:10 ipsec,debug,packet send packet to 46.227.26.169[500]
15:06:10 ipsec,debug,packet src4 188.128.97.162[500]
15:06:10 ipsec,debug,packet dst4 46.227.26.169[500]
15:06:10 ipsec,debug,packet 1 times of 344 bytes message will be sent to 46.227.26.169[500]
15:06:10 ipsec,debug,packet 70e9b6a0 72843932 00000000 00000000 01100200 00000000 00000158 0d000038
15:06:10 ipsec,debug,packet 00000001 00000001 0000002c 01010001 00000024 01010000 800b0001 000c0004
15:06:10 ipsec,debug,packet 00015180 80010001 80030001 80020002 80040001 0d000014 4a131c81 07035845
15:06:10 ipsec,debug,packet 5c5728f2 0e95452f 0d000014 8f8d8382 6d246b6f c7a8a6a4 28c11de8 0d000014
15:06:10 ipsec,debug,packet 439b59f8 ba676c4c 7737ae22 eab8f582 0d000014 4d1e0e13 6deafa34 c4f3ea9f
15:06:10 ipsec,debug,packet 02ec7285 0d000014 80d0bb3d ef54565e e84645d4 c85ce3ee 0d000014 9909b64e
15:06:10 ipsec,debug,packet ed937c65 73de52ac e952fa6b 0d000014 7d9419a6 5310ca6f 2c179d92 15529d56
15:06:10 ipsec,debug,packet 0d000014 cd604643 35df21f8 7cfdb2fc 68b6a448 0d000014 90cb8091 3ebb696e
15:06:10 ipsec,debug,packet 086381b5 ec427b1f 0d000014 16f6ca16 e4a4066d 83821a0f 0aeaa862 0d000014
15:06:10 ipsec,debug,packet 4485152d 18b6bbcd 0be8a846 9579ddcc 0d000014 12f5f28c 457168a9 702d9fe2
15:06:10 ipsec,debug,packet 74cc0100 00000014 afcad713 68a1f1c9 6b8696fc 77570100
15:06:10 ipsec,debug,packet resend phase1 packet 70e9b6a072843932:0000000000000000
Конфигурация тут:
/interface wireless
set [ find default-name=wlan1 ] l2mtu=2290
/interface ethernet
set [ find default-name=ether2 ] name=LAN1
set [ find default-name=ether1 ] name=WAN1
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=des
add auth-algorithms=md5,sha1 enc-algorithms=des,3des name=VPN-baza-ankor pfs-group=modp768
/ip address
add address=188.128.97.162/30 interface=WAN1 network=188.128.97.160
add address=192.168.1.1/24 interface=LAN1 network=192.168.1.0
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip firewall nat
add chain=srcnat dst-address=192.168.0.0/24 out-interface=WAN1 src-address=192.168.1.0/24
add action=masquerade chain=srcnat
/ip ipsec peer
add address=46.227.26.169/32 dh-group=modp768 enc-algorithm=des hash-algorithm=md5 nat-traversal=no secret=\
test
/ip ipsec policy
add dst-address=192.168.0.0/24 proposal=VPN-baza-ankor src-address=192.168.1.0/24 template=yes
/ip route
add distance=1 gateway=188.128.97.161
/ip upnp
set allow-disable-external-interface=no
/system clock manual
set time-zone=+10:00
/system leds
set 0 interface=wlan1
/system logging
add topics=ipsec
set [ find default-name=wlan1 ] l2mtu=2290
/interface ethernet
set [ find default-name=ether2 ] name=LAN1
set [ find default-name=ether1 ] name=WAN1
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=des
add auth-algorithms=md5,sha1 enc-algorithms=des,3des name=VPN-baza-ankor pfs-group=modp768
/ip address
add address=188.128.97.162/30 interface=WAN1 network=188.128.97.160
add address=192.168.1.1/24 interface=LAN1 network=192.168.1.0
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip firewall nat
add chain=srcnat dst-address=192.168.0.0/24 out-interface=WAN1 src-address=192.168.1.0/24
add action=masquerade chain=srcnat
/ip ipsec peer
add address=46.227.26.169/32 dh-group=modp768 enc-algorithm=des hash-algorithm=md5 nat-traversal=no secret=\
test
/ip ipsec policy
add dst-address=192.168.0.0/24 proposal=VPN-baza-ankor src-address=192.168.1.0/24 template=yes
/ip route
add distance=1 gateway=188.128.97.161
/ip upnp
set allow-disable-external-interface=no
/system clock manual
set time-zone=+10:00
/system leds
set 0 interface=wlan1
/system logging
add topics=ipsec