This is all complexificated by the fact that I cannot access the Starlink end remotely (yet). Simple PPTP/L2TP/OVPN/Whatever VPN out from the starlink end to your office is a useful way of having a backdoor into the remote end. Then you can play with the site-to-site VPN's to your hearts content without risking getting yourself locked out
-----Original Message----- From: Public <public-bounces@talk.mikrotik.com.au> On Behalf Of Karl Auer Sent: Wednesday, October 18, 2023 5:22 PM To: MikroTik Australia Public List <public@talk.mikrotik.com.au> Subject: Re: [MT-AU Public] Mikrotik and Starlink On Wed, 2023-10-18 at 19:23 +1100, Roger Plant wrote:
It all looks pretty well ok I think.
Yeah, I agree :-)
My new guess is that there may still be some ipsec policies and settings configured. Requiring traffic from X to Y be tunnelled with ipsec.
I disabled the ipsec peers, but did not actually remove the configurations. What I'm doing now is configuring up a minimal replacement router with none of the cruft of the existing one. And I will remove the ipsec configuration from the other end. Fingers crossed that when I drop this in place tomorrow, it will Just Work. This is all complexificated by the fact that I cannot access the Starlink end remotely (yet). Regards, K. -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Karl Auer (kauer@nullarbor.com.au) work +61 2 64957435 http://www.nullarbor.com.au mobile +61 428 957160 _______________________________________________ Public mailing list Public@talk.mikrotik.com.au http://talk.mikrotik.com.au/mailman/listinfo/public_talk.mikrotik.com.au