In this article I will point out the most common errors, which you may face when troubleshooting IPsec/L2TP. It will be a short one in the beginning, but I will be adding more examples with the time (and issues 😀 ).
The important thing here is that, the first step is establishing the IPsec connection and after that the L2TP tunnel.
If you are trying to establish a site-to-site connection between two Mikrotiks through IPsec/L2TP and you see this:
“xxx.xxx.xxx.xxx peer sent packet for dead phase2”
For some reason you are not able to establish IPsec connection.
Check your exchange mode to be the same on the two devices:Â /ip ipsec peer printÂ
Make sure that for every ppp profile there is local address being set:Â /ppp profile print
There is no problem to be the same for all of the profiles, but there must be one.
thanks a lot!
You are absolutely right!
and after all – don’t forget reboot your device =)