To use Anonine with the IPsec IKEv2 protocol on your Mikrotik device (version 6.46 and later), please follow the instructions below.

1.   Downloading the root Certificate Authority (CA) from this link to your PC.

2.   Login in to your Mikrotik. Typically this can be accessed via a web browser by entering instead of url.

3.     Uploading the root CA downloaded at step 1 to the Mikrotik. 

Files -> Browse -> gdroot-g2.crt

4.     Importing the root CA certificate to the Mikrotik certificate storage.

System -> Certificates -> Import

5.     Setting up the IPsec tunnel.

5.1.  Creating a profile.

IP -> IPsec -> Profiles -> Add new

5.2.  Create a Proposals

IP -> IPsec -> Proposals -> Add new

5.3.  Create a policy group

IP -> IPsec -> Groups -> Add new

5.4.  Create a peer.

Server address you can get by this link at you Anonine account.

IP -> IPsec -> Peers -> Add new

5.5.   Create a policy for fixing an MTU issue with IPsec tunnel. 

Warning - Dst. Address must be from the same subnet as your Mikrotik is. For example if IP is than Dst. Address must be, if IP is than

IP -> IPsec -> Policies -> Add new

5.6.  Create a main policy group template.

IP -> IPsec -> Policies -> Add new

5.7.  Choosing what will go through IPsec tunnel.

IP -> Firewall -> Address list -> Add new

If you want that only some IP's have access through IPsec tunnel, than create a few records for each.

5.8.  Create a new mode configuration.

IP -> IPsec -> Mode Configs -> Add  new

5.9.  Creating an identity (your login and password).

IP -> IPsec -> Identity -> Add new

To check is IPsec tunnel established.

1. IP -> IPsec -> Active Peers - here is the status of your connection

2. IP -> IPsec -> Installed SAs - here is SA for inbound and outbound channels.