How to ensure the safety of the L2TP VPN on mikrotik?
Connected two Mikrotik via VPN on the manual.
Then added firewall rules in input and forward with this option:
And found that all vpn traffic corresponds to them. What does it mean that I have not set up encryption? But ipsec proposal aes-256, that's all. Something wrong?
Then added firewall rules in input and forward with this option:
And found that all vpn traffic corresponds to them. What does it mean that I have not set up encryption? But ipsec proposal aes-256, that's all. Something wrong?
asked April 19th 20 at 12:12
4 answers
answered on
Solution
To find out whether the traffic is encrypted, which is what we need, refer to the ipsec SAs installed
In the columns you encryp Key Size and Current Bytes should be "run" byte that indicates that traffic is encrypted
If that doesn't answer your question, then ask it differently
In the columns you encryp Key Size and Current Bytes should be "run" byte that indicates that traffic is encrypted
If that doesn't answer your question, then ask it differently
run, thank you. - Mac_Torphy commented on April 19th 20 at 12:17
answered on April 19th 20 at 12:16
It seems that the Toaster can not be saved...
well, sometimes you can be blunt, what you commented on April 19th 20 at 12:19
answered on April 19th 20 at 12:18
The very fact the PPP and the establishment of keys for ipsec encryption is already a response to a question about security. And then the rules of the firewall? You should not do spin settings you don't understand.
answered on April 19th 20 at 12:20
Rules on any interface/address prefix you added?
and General post /ip firewall export /ip address export
and General post /ip firewall export /ip address export