IPsec

accept - continue with packet as if there was no IPsec
drop - drop packet
encrypt - encrypt packet

Each SPD rule can be associated with several Security Associations (SA) that determine packet encryption parameters (key, algorithm, SPI).

Note that packet can only be encrypted if there is usable SA for policy rule. By setting SPD rule security "level" user can control what happens when there is no valid SA for policy rule:

If packet can be encrypted, it is encrypted and sent as LOCALLY ORIGINATED packet - i.e. it is processed with "output" firewall, src-nat again and IPsec SPD again (this way one packet can be encrypted several times if encrypted packet has to be sent over encrypted tunnel itself). If packet matches the same SPD rule that it matched before, it is sent out without encrypting (to avoid encryption loops).

Decryption

Note that before forward and input firewall chains, packet that was not decrypted on local host is compared with SPD reversing its matching rules. If SPD requires encryption (there is valid SA associated with matching SPD rule), packet is dropped. This is called incoming policy check.

Internet Key Exchange

Most of the time IKE daemon is doing nothing. There are two possible situations when it is activated:

In both cases, peers establish connection and execute 2 phases:

There are two lifetime values - soft and hard. When SA reaches it's soft lifetime, IKE daemon receives notice about it and starts another phase 2 exchange to replace this SA with fresh one. If SA reaches hard lifetime, it is discarded.

Perfect Forward Secrecy (PFS) that can optionally be provided by IKE is a property of key exchanges, which for IKE means that compromising the long term phase 1 key will not allow to easily gain access to all IPsec data that is protected by SAs established through this phase 1. It means an additional keying material is generated for each phase 2.

Generation of keying material is computationally very expensive. Use of modp8192 group can take several seconds even on very fast computer. It usually takes place once per phase 1 exchange, which happens only once between any host pair and then is kept for long time. PFS adds this expensive operation also to each phase 2 exchange.

IKE Traffic

IPsec Setup

[admin@MikroTik] ip ipsec>

             policy
       installed-sa
          manual-sa
               peer
  pre-shared-secret
           proposal
           counters
             export
[admin@MikroTik] ip ipsec>

Descriptions of settings:

policy - set up security policies
installed-sa - look at currently installed security associations
manual-sa - templates for manual security associations
peer - IKE peer configuration
pre-shared-secret - to authenticate with IKE peers
proposal - phase2 IKE proposal settings
counters - counters

Policy Settings

[admin@MikroTik] ip ipsec policy> add sa-src-address=10.0.0.205 sa-dst-address=10.0.0.201 \
\... action=encrypt
[admin@MikroTik] ip ipsec policy> print
Flags: X - disabled, I - invalid
  0   src-address=10.0.0.205/32:any dst-address=10.0.0.201/32:any
      protocol=all action=encrypt level=require ipsec-protocols=esp tunnel=no
      sa-src-address=10.0.0.205 sa-dst-address=10.0.0.201 proposal=default
      manual-sa=none dont-fragment=clear


[admin@MikroTik] ip ipsec policy>

src-address - Source IP address. Can be in the form address/mask:ports
dst-address - Destination IP address. Can be in the form address/mask:ports
protocol - name or number of protocol action - What to do with packet that matches policy. Choices are:

• accept - pass the packet. This is default action when no policies are configured.
  
• drop - drop the packet.
  
• encrypt - apply transormations specified by this policy and it's security associations.

dont-fragment - default value works OK. It is good to have dont-fragment cleared because encrypted packets are always bigger than original and thus they may need fragmentation.
tunnel - yes if you want to use tunnel mode. In tunnel mode all packets are IPIP encapsulated, and their new IP header src and dst are set to sa-src and sa-dst values of this policy. If you don't use tunnel mode (i.e. you use transport mode), then only packets whose source and destination is the same as sa-src and sa-dst can be processed by this policy. Transport mode can only work with packets that originate at and are destined for IPsec peers (hosts that established security associations). To encrypt traffic between networks (or network and host) you have to use tunnel mode.
ipsec-protocols - One of ah, esp, ah,esp. Specifies what combination of Authentication Header and Encapsulating Security Payload protocols you want to apply to matched traffic. AH is applied after ESP, and in case of tunnel mode ESP will be applied in tunnel mode and AH - in transport mode.
level - What to do if some of the SAs for this policy cannot be found:

• use - skip this transform, don't drop packet, don't acquire SA from IKE daemon.
• acquire - skip this transform, but acquire SA for it from IKE daemon.
• require - drop packet, acquire SA.

sa-src-address - SA source
sa-dst-address - SA destination
manual-sa - Name of manual-sa template that will be used to create SAs for this policy, or none if you don't want to set up any manual keys.
proposal - Name of proposal info that will be sent by IKE daemon to establish SAs for this policy.

Statistics can be printed out using print stats command:

[admin@MikroTik] ip ipsec policy> print stats
Flags: X - disabled, I - invalid
  0   src-address=10.0.0.205/32:any dst-address=10.0.0.201/32:any
      protocol=all ph2-state=no-phase2 in-accepted=0 in-dropped=0
      out-accepted=0 out-dropped=0 encrypted=0 not-encrypted=0 decrypted=0
      not-decrypted=0


[admin@MikroTik] ip ipsec policy>

ph2-state - progress of key establishing. 'expired' means there are some leftovers from previous phase2, and is similar to 'no-phase2', which means nothing has happened. 'established' means SAs are in place and everything should be working. Anything else falls between these last two states.
in-accepted - how many incoming packets were passed through by policy without attempting decryption.
in-dropped - how many incoming packets were dropped by policy without attempting decryption.
out-accepted - how many outgoing packets were passed through by policy without encryption.
out-dropped - how many outgoing packets were dropped by policy without attempting encryption.
encrypted - how many outgoing packets were encrypted and passed on successfully.
not-encrypted - how many outgoing packets policy attempted to encrypt, but discarded for any reason.
decrypted - how many incoming packets policy decrypted and passed on successfully.
not-decrypted - how many incoming packets policy tried to decrypt, but discarded for any reason.

Peer

[admin@MikroTik] ip ipsec peer> add address=10.0.0.201
[admin@MikroTik] ip ipsec peer> print
Flags: X - disabled
  0   address=10.0.0.201:500 exchange-mode=main send-initial-contact=yes
      proposal-check=strict hash-algorithm=md5 enc-algorithm=3des
      dh-group=modp1024


[admin@MikroTik] ip ipsec peer>

address - address of the remote peer
dh-group - Diffie-Hellman (DH) key exchange protocol allows two parties without any initial shared secret to create one. This value defines cipher strength. Allowed values: modp768, modp1024, modp1536, modp2048, modp3072, modp4096, modp8192. First three (768, 1024 and 1536) are standard, others might be incompatible with similarly named groups in other implementations
enc-algorithm - Encryption algorithm. Valid algorithms are: des, 3des, aes-128, aes-192 and aes-256 in strength (and computation time) increasing order
exchange-mode - Valid values are: main, aggressive or base. See RFC 2408 for an overview of ISAKMP phase 1 exchange modes. Currently only main mode is tested
hash-algorithm - Hashing algorithm. Valid algorithms are md5 and sha in strength (and computation time) increasing order
proposal-check - Lifetime check logic. This is for phase 2 lifetimes (you cannot configure lifetimes for phase 1 proposals yet). One of:

• claim - take shortest of proposed and configured lifetimes, notify initiator about it
• exact - lifetimes must be the same
• obey - accept whatever is sent by initiator
• strict - If initiator proposes longer lifetime than default, reject proposal, otherwise accept proposed lifetimes. This is default value

send-initial-contact - yes

Statistics can be printed out using print stats command.

For not yet established connections:

[admin@MikroTik] ip ipsec peer> print stats
Flags: X - disabled
  0   address=10.0.0.201:500 exchange-mode=main send-initial-contact=yes
      proposal-check=strict hash-algorithm=md5 enc-algorithm=3des
      dh-group=modp1024 ph1-state=no-phase1


[admin@MikroTik] ip ipsec peer>

[admin@MikroTik] ip ipsec peer> print stats
Flags: X - disabled
  0   address=10.0.0.201:500 exchange-mode=main send-initial-contact=yes
      proposal-check=strict hash-algorithm=md5 enc-algorithm=3des
      dh-group=modp1024 ph1-state=established ph1-side=initiator
      ph1-established=nov/19/2008 17:13:24 ph2-active=0 ph2-total=1


[admin@MikroTik] ip ipsec peer>

ph1-state - state of phase 1 negotiation with this peer. established is the normal working state
ph1-side - who spoke first. initiator means that phase 1 negotiation was started by this router. responder - by peer
ph1-established - when current phase 1 between router and peer was established
ph2-active - how many phase 2 negotiations with this peer are currently taking place
ph2-total - how many phase 2 negotiations with this peer took place

Pre-shared-secret

[admin@MikroTik] ip ipsec pre-shared-secret> print
Flags: X - disabled
  #   ADDRESS         SECRET
  0   10.0.0.201      gwejimezyfopmekun
[admin@MikroTik] ip ipsec pre-shared-secret>

[admin@MikroTik] ip ipsec pre-shared-secret> print
Flags: X - disabled
  #   ADDRESS         SECRET
  0   10.0.0.205      gwejimezyfopmekun
[admin@MikroTik] ip ipsec pre-shared-secret>

address - address of remote peer
ident-string - identity string of remote peer
secret - secret string. If it starts with '0x', it is parsed as a hexadecimal value

Manual SA

[admin@MikroTik] ip ipsec manual-sa> add ah-key=A0/0A
[admin@MikroTik] ip ipsec manual-sa> print
Flags: X - disabled, I - invalid
  0   name="sa1" ah-algorithm=null esp-auth-algorithm=null
      esp-enc-algorithm=null ah-key=A0/0A esp-auth-key="" esp-enc-key=""
      ah-spi=100 esp-spi=100


[admin@MikroTik] ip ipsec manual-sa>

ah-algorithm - Authentication Header encryption algorithm, one of the following:

• md5 - 128 bit key
• null - any key length
• sha1 - 160 bit key

esp-auth-algorithm - Encapsulating Security Payload authentication encryption algorithm, one of the following:

• md5 - 128 bit key
• null - any key length
• sha1 - 160 bit key

esp-auth-algorithm - Encapsulating Security Payload encryption algorithm, one of the following:

• md5 - 128 bit key
• null - any key length
• sha1 - 160 bit key

ah-key - incoming-authentication-key/outgoing-authentication-key
ah-spi - incoming-SA-SPI/outgoing-SA-SPI, in hexadecimal. May be equal
esp-auth-key - incoming-authentication-key/outgoing-authentication-key
esp-enc-key - incoming-encryption-key/outgoing-encryption-key
esp-spi - incoming-SA-SPI/outgoing-SA-SPI, in hexadecimal. May be equal
name - name of item for reference from policies

Note that incoming SPI numbers on one router must match outgoing SPI numbers on another, and vice versa. Same for keys.

You can reference same manual-sa template from several policies, because actual SAs are inserted based on info in policies (AH, ESP) as well as in this template, as well as in key config. Also, each SA is distinguished by its source (sa-src), destination (sa-dst), protocol (AH or ESP), SPI and direction.

Proposal

[admin@MikroTik] ip ipsec proposal> print
Flags: X - disabled
  0   name="default" auth-algorithms=sha1 enc-algorithms=3des lifetime=30m
      lifebytes=0 pfs-group=modp1024


[admin@MikroTik] ip ipsec proposal>

auth-algorithms - allowed algorithms for authorization:

• md5 - 128 bit key
• null - any key length
• sha1 - 160 bit key

enc-algorithms - allowed algorithms and key lengths to use for SAs that will be acquired from IKE daemon by policy that references this proposal (3des, aes-128, aes-192, aes-256, des, null) lifebytes - how many bytes to encrypt using SA before throwing it out and making new one. 0 means SA won't expire based on byte count (default)
lifetime - how long to use SA before throwing it out. See also proposal-check in peer config
name - name of proposal for referencing it from policy
pfs-group - Diffie-Helman group used for Perfect Forward Secrecy

Installed SA

[admin@MikroTik] ip ipsec installed-sa> print
Flags: A - AH, E - ESP, P - pfs, M - manual
  0 E   spi=21237B07 direction=out src-address=10.0.0.204
        dst-address=10.0.0.201 auth-algorithm=sha1 enc-algorithm=3des
        replay=4 state=mature
        auth-key="3c1f4a3f5d2014e565f9f3fb671bab89056febb5"
        enc-key="725d43ed2742530a257d19dd36702259ea7a50060aa760a3"
        add-lifetime=24m/30m use-lifetime=0s/0s lifebytes=0/0
        current-addtime=nov/24/2008 14:28:42
        current-usetime=jan/01/1970 00:00:00 current-bytes=0

  1 E   spi=FAACF20D direction=in src-address=10.0.0.201
        dst-address=10.0.0.204 auth-algorithm=sha1 enc-algorithm=3des
        replay=4 state=mature
        auth-key="acb0c8c3dc81f3ff5f92cbc15c49c7a710f9efa5"
        enc-key="a50c04b44904c07009c3e218760f3827493579172b29bcfd"
        add-lifetime=24m/30m use-lifetime=0s/0s lifebytes=0/0
        current-addtime=nov/24/2008 14:28:42
        current-usetime=jan/01/1970 00:00:00 current-bytes=0


[admin@MikroTik] ip ipsec installed-sa>

spi - SPI value of SA, in hexadecimal
replay - size of replay window, in bytes
state - larval, mature, dying or dead
auth-algorithm - none, md5 or sha1
enc-algorithm - none, des, 3des, aes
src-address - source of SA from policy configuration
dst-address - destination of SA from policy configuration
auth-key - authentication key, as hex string
enc-key - encryption key, as hex string (only used by ESP SAs)
direction - in or out
current-addtime - time when this SA was installed
current-usetime - time when this SA was first used
current-bytes - amount of data processed by this SA's crypto algorithms
add-lifetime - expiration time counted from installation of SA. soft/hard
use-lifetime - expiration time counter from the first use of SA. soft/hard>
lifebytes - expiration threshold for amount of processed data. soft/hard

Counters

[admin@MikroTik] ip ipsec> counters print
                    out-accept: 2298
                      out-drop: 0
                   out-encrypt: 4
                     in-accept: 3497
                       in-drop: 0
                  in-decrypted: 4
              in-accept-isakmp: 20
             out-accept-isakmp: 12
    in-drop-encrypted-expected: 0
[admin@MikroTik] ip ipsec>

out-accept - how many outgoing packets were matched by 'accept' policy (including the default "accept all" case)
out-accept-isakmp - how many locally originated UDP packets on source port 500 (which is how ISAKMP packets look) were let through without policy matching
out-drop - how many outgoing packets were matched by drop policy (or encrypt policy with level=require that doesn't have all SAs)
out-encrypt - how many outgoing packets were encrypted successfully
in-accept - how many incoming packets were matched by accept policy
in-accept-isakmp - how many incoming UDP packets on port 500 were let through without policy matching
in-drop - how many incoming packets matched drop policy. (or encrypt policy with level=require that didn't have all SAs)
in-decrypted - how many incoming packets were successfully decrypted
in-drop-encrypted-expected - how many incoming packets were matched by encrypt policy and dropped because they were not encrypted

Application examples

IPsec setup between two RourerOS routers

Minimal config example for transport mode ESP with automatic keying on Router 1:

ip ipsec policy add sa-src=1.0.0.1 sa-dst=1.0.0.2 action=encrypt
ip ipsec peer add address=1.0.0.2
ip ipsec pre-shared-secret add address=1.0.0.2 secret="roberkenon"

ip ipsec policy add sa-src=1.0.0.2 sa-dst=1.0.0.1 action=encrypt
ip ipsec peer add address=1.0.0.1
ip ipsec pre-shared-secret add address=1.0.0.1 secret="roberkenon"

ip ipsec manual-sa add name=ah-sa1 ah-spi=0x101/0x100 ah-key=abcfed
ip ipsec policy add src-address=10.1.0.0/24 dst-address=10.2.0.0/24 \
   action=encrypt ipsec-protocols=ah tunnel=yes sa-src=1.0.0.1 sa-dst=1.0.0.2 \
   manual-sa=ah-sa1

ip ipsec manual-sa add name=ah-sa1 ah-spi=0x100/0x101 ah-key=abcfed
ip ipsec policy add src-address=10.2.0.0/24 dst-address=10.1.0.0/24 \
   action=encrypt ipsec-protocols=ah tunnel=yes sa-src=1.0.0.2 sa-dst=1.0.0.1 \
   manual-sa=ah-sa1

IPsec Setup for Routing Between two Masquerading MikroTik Routers

On Router1:

/ip firewall src-nat add src-address=10.1.0.0/24 dst-address=10.2.0.0/24
/ip firewall src-nat add out-interface=public action=masq

/ip ipsec policy add src-address=10.1.0.0/24 dst-address=10.2.0.0/24 \
    action=encrypt tunnel=yes sa-src-address=1.0.0.1 sa-dst-address=1.0.0.2
/ip ipsec peer add address=1.0.0.2 exchange-mode=aggressive
/ip ipsec pre-shared-secret add address=1.0.0.2 secret="sviestapika"

On Router2:

/ip firewall src-nat add src-address=10.2.0.0/24 dst-address=10.1.0.0/24
/ip firewall src-nat add out-interface=public action=masq

/ip ipsec policy add src-address=10.2.0.0/24 dst-address=10.1.0.0/24 \
action=encrypt tunnel=yes sa-src-address=1.0.0.2 sa-dst-address=1.0.0.1
/ip ipsec peer add address=1.0.0.1 exchange-mode=aggressive
/ip ipsec pre-shared-secret add address=1.0.0.1 secret="sviestapika"

IPsec Setup Between MikroTik and CISCO Routers

Must configure IPsec encryption for traffic between 10.0.0.0/24 and 10.0.2.0/24 subnets.

Configuring RouterOS

[admin@MikroTik] ip ipsec proposal> add name=to_cisco pfs-group=none
algorithms=enc-des,auth-sha1

[admin@MikroTik] ip ipsec peer> add address=10.0.1.2 enc-algorithm=des
auth-method=pre-shared-key hash-algorithm=sha dh-group=modp1024

[admin@MikroTik] ip ipsec pre-shared-secret> add secret=test_key
address=10.0.1.2

[admin@MikroTik] ip ipsec policy> add src-address=10.0.0.0/24
dst-address=10.0.2.0/24 protocol=all action=encrypt ipsec-protocols=esp
level=require tunnel=yes sa-src=10.0.1.1 sa-dst=10.0.1.2 proposal=to_cisco

Configuring Cisco

! Configure ISAKMP policy (phase1 config, must match configuration
! of "/ip ipsec peer" on RouterOS). Note that DES is default (and only)
! encryption algorithm on this Cisco. SHA1 is default authentication
! algorithm
crypto isakmp policy 10
 authentication pre-share
 group 2

! Add preshared key to be used when talking to RouterOS
crypto isakmp key test_key address 10.0.1.1

! Create IPsec transform set - transformations that should be applied to
! traffic - ESP encryption with DES and ESP authentication with SHA1
! This must match "/ip ipsec proposal"
crypto ipsec transform-set myset esp-des esp-sha-hmac

! Create access list that matches traffic that should be encrypted
access-list 101 permit ip 10.0.2.0 0.0.0.255 10.0.0.0 0.0.0.255

! Create crypto map that will use transform set "myset", use peer 10.0.1.1
! to establish SAs and encapsulate traffic and use access-list 101 to
! match traffic that should be encrypted
crypto map mymap 10 ipsec-isakmp
 set peer 10.0.1.1
 set transform-set myset
 match address 101

! And finally apply crypto map to serial interface:
interface Serial1
 crypto map mymap

Testing

On RouterOS we can see installed SAs:

[admin@MikroTik] ip ipsec installed-sa> print
Flags: A - AH, E - ESP, P - pfs, M - manual
  0 E   spi=9437482 direction=out src-address=10.0.1.1
        dst-address=10.0.1.2 auth-algorithm=sha1 enc-algorithm=des
        replay=4 state=mature
        auth-key="9cf2123b8b5add950e3e67b9eac79421d406aa09"
        enc-key="ffe7ec65b7a385c3" add-lifetime=24m/30m use-lifetime=0s/0s
        lifebytes=0/0 current-addtime=jul/12/2002 16:13:21
        current-usetime=jul/12/2002 16:13:21 current-bytes=71896

  1 E   spi=319317260 direction=in src-address=10.0.1.2
        dst-address=10.0.1.1 auth-algorithm=sha1 enc-algorithm=des
        replay=4 state=mature
        auth-key="7575f5624914dd312839694db2622a318030bc3b"
        enc-key="633593f809c9d6af" add-lifetime=24m/30m use-lifetime=0s/0s
        lifebytes=0/0 current-addtime=jul/12/2002 16:13:21
        current-usetime=jul/12/2002 16:13:21 current-bytes=0


[admin@MikroTik] ip ipsec installed-sa>

interface: Serial1
    Crypto map tag: mymap, local addr. 10.0.1.2

   local  ident (addr/mask/prot/port): (10.0.2.0/255.255.255.0/0/0)
   remote ident (addr/mask/prot/port): (10.0.0.0/255.255.255.0/0/0)
   current_peer: 10.0.1.1
     PERMIT, flags={origin_is_acl,}
    #pkts encaps: 1810, #pkts encrypt: 1810, #pkts digest 1810
    #pkts decaps: 1861, #pkts decrypt: 1861, #pkts verify 1861
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0, #pkts decompress failed: 0
    #send errors 0, #recv errors 0

     local crypto endpt.: 10.0.1.2, remote crypto endpt.: 10.0.1.1
     path mtu 1500, media mtu 1500
     current outbound spi: 1308650C

     inbound esp sas:
      spi: 0x90012A(9437482)
        transform: esp-des esp-sha-hmac ,
        in use settings ={Tunnel, }
        slot: 0, conn id: 2000, flow_id: 1, crypto map: mymap
        sa timing: remaining key lifetime (k/sec): (4607891/1034)
        IV size: 8 bytes
        replay detection support: Y

     inbound ah sas:

     inbound pcp sas:

     outbound esp sas:
      spi: 0x1308650C(319317260)
        transform: esp-des esp-sha-hmac ,
        in use settings ={Tunnel, }
        slot: 0, conn id: 2001, flow_id: 2, crypto map: mymap
        sa timing: remaining key lifetime (k/sec): (4607893/1034)
        IV size: 8 bytes
        replay detection support: Y

     outbound ah sas:

     outbound pcp sas:

IPsec setup between RouterOS router and Windows SonicWall Client

Configuring remote access of 1.1.1.0 network through 10.0.0.204 RouterOS router

Configuring RouterOS

1. Add peer configuration. Use Triple-DES and SHA-1 algorithms to protect phase 1 traffic. Set "proposal-check" to "obey" to allow remote client to connect even if lifetime and pfs settings in its proposal don't match ours.

   / ip ipsec peer add address=10.0.0.81:500 exchange-mode=main \
   send-initial-contact=no proposal-check=obey hash-algorithm=sha \
   enc-algorithm=3des dh-group=modp1024
   

2. Add pre-shared secret to identify remote client.

   / ip ipsec pre-shared-secret add address=10.0.0.81 secret="********"
   Add encryption proposal. Use MD5, DES and Diffie-Hellman Group 1 for
   Perfect Forward Secrecy.
   / ip ipsec proposal add name=sw-client auth-algorithms=md5 enc-algorithms=des \
   lifetime=30m pfs-group=modp768
   
   Add policy rule that matches traffic between remote client and 1.1.1.0/24
   network, use ESP in tunnel mode to encript all data.
   / ip ipsec policy add src-address=1.1.1.0/24 dst-address=10.0.0.81/32 \
   action=encrypt ipsec-protocols=esp tunnel=yes sa-src-address=10.0.0.204 \
   sa-dst-address=10.0.0.81 proposal=sw-client
   

Configuring SonicWALL

"Connection Security": select "Secure"
in "Remote Party Identity And Addressing" box:
  "ID Type": select "IP Subnet"
  "Subnet": enter "1.1.1.0"
  "Mask": enter "255.255.255.0"
  check "Connect using", select "Secure Gateway Tunnel"
  "ID Type": select "IP Address", enter below "10.0.0.204"

in "My Identity" box:
  "Select Certificate": select "None"
  click "Pre-Shared Key"

"Pre-Shared Key" pops up:

    click "Enter Key"
    type ********, click "OK"

in "Internet Interface" box:
  "Name": select interface that is connected to 10.0.0.0/24 network
  "IP Addr": check that it shows 10.0.0.81

Configure phase 1 setting to use same algorithms as on RouterOS side:

"Select Phase 1 Negotiation Mode": select "Main Mode"
check "Enable Perfect Forward Secrecy (PFS)"
"PFS Key Group": select "Diffie-Hellman Group 1"
clear "Enable Replay Detection"

"Authentication Method": select "Pre-Shared Key"
in "Encryption and Data Integrity Algorithms" box:
  "Encrypt Alg": select "Triple DES"
  "Hash Alg": select "SHA-1"
  "SA Life": select "Unspecified"

"Key Group": select "Diffie-Hellman Group 2" (this is called "modp1024"
in RouterOS)

in "IPSec Protocols" box:
  "SA Life": select "Seconds", enter "1800" in "Seconds" field
  "Compression": select "None"
  check "Encapsulation Protocol (ESP)"
    "Encrypt Alg": select "DES"
    "Hash Alg": select "MD5"
    "Encapsulation": select "Tunnel"
  clear "Authentication Protocol (AH)"

click "Save" (on the toolbar)

Testing

On RouterOS side you can see the statistics for established SAs:

[admin@xxx] ip ipsec installed-sa> print
Flags: A - AH, E - ESP, P - pfs, M - manual
  0 E   spi=3C3C7A8D direction=out src-address=10.0.0.204
        dst-address=10.0.0.81 auth-algorithm=md5 enc-algorithm=des replay=4
        state=mature auth-key="5697ee9fe98867005ac057e1b62a6c3b"
        enc-key="7b992840ea30b180" add-lifetime=24m/30m use-lifetime=0s/0s
        lifebytes=0/0 current-addtime=nov/26/2002 09:33:47
        current-usetime=nov/26/2002 09:33:53 current-bytes=896

  1 E   spi=A472A105 direction=in src-address=10.0.0.81
        dst-address=10.0.0.204 auth-algorithm=md5 enc-algorithm=des replay=4
        state=mature auth-key="70655b51846308f68ce964d90b5580cd"
        enc-key="a3623a16f6bef13d" add-lifetime=24m/30m use-lifetime=0s/0s
        lifebytes=0/0 current-addtime=nov/26/2002 09:33:47
        current-usetime=nov/26/2002 09:33:53 current-bytes=0