Alright I have some more information on this issue. Took the clients router to our site. With two rb800's linked wirelessly. When I had the switch port set to untag the vlan everything worked going through the wireless link.
As soon as I turned on vlan tagging and told the cpe to untag the traffic the tunnel broke. Is there some problem with mt's when you start doing vlans? Do they not know how to negociate the packets to handle a full mtu load? Are there mtu settings I need to be changing on radios I have vlans on? Thanks, any ideas really help. -Keith- From my phone... -----Original Message----- From: "Keith Barber" <[email protected]> Sender: [email protected] Date: Tue, 9 Nov 2010 12:08:42 To: mikrotik<[email protected]> Reply-To: Mikrotik discussions <[email protected]> Subject: [Mikrotik] IPSec Tunnel won't Form over Wireless Link Good afternoon everyone. I have a bit of problem for a big client that is trying to setup an IPsec tunnel to their corporate offices. The setup is as follows: CoreRouter -> L2Switch -> AP -> CPE The router and switch are strictly vlan. The same vlans are being handed out through the Ap to the CPE. The cpe is in wds mode. The vlan interface is then bridged to the ether interface. We also tried untagging of the vlans from a switch plugged into the cpe, instead of making the Mikrotik do it. If we put their router directly into the L2Switch at the tower site, untagged in the vlan, their tunnel fires up immediately. So we know that we don’t have any edge/provider problems, and nothing wrong with our backhaul, switches, or core routers. The AP is a RB600 with 3.20 and the cpe is an rb800 on 4.11. Both have Atheros AR5413 radio cards. Our second test was using two rb532’s running 3.30. We’ve tried having the cpe in station, station-psuedobridge, wds slave. We are queuing the customer’s traffic on the cpe using simple queues. We have exhausted all that we can think of. Can anybody think of what would be causing an ipsec tunnel to break down over a wireless link? Thanks for any help on this, it’s rather frustrating. -Keith- -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://www.butchevans.com/pipermail/mikrotik/attachments/20101109/96e76fff/attachment.html> _______________________________________________ Mikrotik mailing list [email protected] http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS _______________________________________________ Mikrotik mailing list [email protected] http://www.butchevans.com/mailman/listinfo/mikrotik Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
