How to ensure the safety of the L2TP VPN on mikrotik?

Connected two Mikrotik via VPN on the manual.
Then added firewall rules in input and forward with this option:
5e974d122e707966931527.png

And found that all vpn traffic corresponds to them. What does it mean that I have not set up encryption? But ipsec proposal aes-256, that's all. Something wrong?
April 19th 20 at 12:12
4 answers
April 19th 20 at 12:14
Solution
To find out whether the traffic is encrypted, which is what we need, refer to the ipsec SAs installed
In the columns you encryp Key Size and Current Bytes should be "run" byte that indicates that traffic is encrypted
5e9978b02a1f7965522251.png

If that doesn't answer your question, then ask it differently
run, thank you. - Mac_Torphy commented on April 19th 20 at 12:17
April 19th 20 at 12:16
It seems that the Toaster can not be saved...
well, sometimes you can be blunt, what you - Mac_Torphy commented on April 19th 20 at 12:19
April 19th 20 at 12:18
The very fact the PPP and the establishment of keys for ipsec encryption is already a response to a question about security. And then the rules of the firewall? You should not do spin settings you don't understand.
April 19th 20 at 12:20
Rules on any interface/address prefix you added?
and General post /ip firewall export /ip address export

Find more questions by tags MikrotikVPN