Some time client needed Site-to-Site IPSec VPN connection between multiple locations but ware not ready to pay for Cisco routers.
So it was time to my favorite cheep but reliable solution Mikrotik. They didn’t need any special requirements, on the main location they had a server with a application and a on the other locations they had a few PC’s that needed to contact the database on that server.
If everything set up but in one day provider change external IP addresses.
Definitely you have to make some changes in the IPsec settings.
Lest fix it:
2 sites connected via IPsec.
One provider recently swap externel IP. How to establish channel back.
Find current external IPs of the both Mikrotik routers.
On both routers:
Go to: IP - IPSEC - Policies:
Edit faulty ipsec policy
check/change SA Src. Address
check/change SA Dst. Address
Go to: IP - IPSEC - Peers - edit peer:
check/change IP address of the peer.