i have a vpn server running strongswan 5.2.1 and a private CA and keys for multiple clients, i'm using rsasig + xauth to validate clients. vpn server is behind a static public ip, server is also running squid on port 3128 (firewalled)
i have a mikrokit running routeros 6.27 behind an dynamic public ip.
mikrokit is the default gateway for a network.
i need the mikrokit to establish a vpn to the vpn server and encrypt all the traffic to tcp port 3128 on the vpn server, i only want to encrypt that traffic. traffic from mikrokit to vpn server on port 3128.
i don't want to encrypt any other traffic, all the defaults on the vpn server and the mk should left untouched. new configuration should be keep separated. i won't give ssh access to any of the boxes, just need the documentation how to do it. if does not work i will provide logs on both sides, i can provide keys for the vpn if needed.
i'm living on gmt +8 timezone, i can be reached on skype, gtalk or email. i speak english and spanish.
thanks