BlackVS
Member Candidate
Topic Author
Posts: 171
Joined: Mon Feb 04, 2013 7:00 pm

IPSec AES-256-GCM

Sat Aug 06, 2016 7:58 pm

Has anybody set up IPSEC using GCM encryption on MikroTiks (in my case, to encode GRE tunnels)?
I successfully set up AES-CBC and AES-CTR but failed with AES-GCM: I am getting the "failed to pre-process ph2 packet" error on both sides and am stuck on where to look further...

PS: from debug log I see only this error:

Aug/06/2016 20:12:38 ipsec,debug,packet IPSEC:: call pfkey_send_update_nat
Aug/06/2016 20:12:38 ipsec,debug IPSEC:: libipsec failed send update_nat (Success)
Aug/06/2016 20:12:38 ipsec,debug IPSEC:: pfkey update failed.
Aug/06/2016 20:12:38 ipsec,debug IPSEC:: failed to process packet.
Aug/06/2016 20:12:38 ipsec,debug IPSEC:: phase2 negotiation failed.
Aug/06/2016 20:12:38 ipsec,debug,packet IPSEC:: an undead schedule has been deleted.
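The six debug lines quoted above are the only evidence in the thread, so a small parser that pulls the cause chain out of a RouterOS ipsec debug log is a useful check. This is an added example, not code from the post or from MikroTik; the log format it assumes is "Mon/DD/YYYY HH:MM:SS topic,topic message" as shown in the post, and the sample text is constructed from those lines.

```python
import re
from datetime import datetime

# Constructed sample: the ipsec debug lines quoted in the post above.
SAMPLE_LOG = """\
Aug/06/2016 20:12:38 ipsec,debug,packet IPSEC:: call pfkey_send_update_nat
Aug/06/2016 20:12:38 ipsec,debug IPSEC:: libipsec failed send update_nat (Success)
Aug/06/2016 20:12:38 ipsec,debug IPSEC:: pfkey update failed.
Aug/06/2016 20:12:38 ipsec,debug IPSEC:: failed to process packet.
Aug/06/2016 20:12:38 ipsec,debug IPSEC:: phase2 negotiation failed.
Aug/06/2016 20:12:38 ipsec,debug,packet IPSEC:: an undead schedule has been deleted.
"""

# Assumed RouterOS line layout: "<Mon/DD/YYYY> <HH:MM:SS> <topics> <message>"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) (?P<topics>[\w,]+) (?P<msg>.*)$"
)
PREFIX = "IPSEC:: "


def parse_line(line):
    """Split one log line into timestamp, topic list and message; None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    msg = m.group("msg")
    if msg.startswith(PREFIX):
        msg = msg[len(PREFIX):]
    return {
        "time": datetime.strptime(m.group("ts"), "%b/%d/%Y %H:%M:%S"),
        "topics": m.group("topics").split(","),
        "msg": msg,
    }


def find_phase2_failures(log_text, window=5):
    """Return one record per 'phase2 negotiation failed' line.

    Each record carries the ipsec messages logged in the preceding `window`
    lines (the cause chain) and the first of them that reports a failure,
    which is where to start reading instead of at the final summary line."""
    entries = [e for e in map(parse_line, log_text.splitlines())
               if e and "ipsec" in e["topics"]]
    failures = []
    for i, e in enumerate(entries):
        if e["msg"].startswith("phase2 negotiation failed"):
            chain = [p["msg"] for p in entries[max(0, i - window):i]]
            first_error = next((m for m in chain if "failed" in m), None)
            failures.append({"time": e["time"], "cause_chain": chain,
                             "first_error": first_error})
    return failures
```

Run against the sample, the first reported error is the libipsec update_nat send failure, which precedes the pfkey and phase 2 messages that follow from it.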
efaden
Forum Guru
Posts: 1708
Joined: Sat Mar 30, 2013 1:55 am
Location: New York, USA

Re: IPSec AES-256-GCM

Sat Aug 06, 2016 8:19 pm

I'm using gcm

Sent from my XT1575 using Tapatalk
BlackVS
Member Candidate
Topic Author
Posts: 171
Joined: Mon Feb 04, 2013 7:00 pm

Re: IPSec AES-256-GCM

Sat Aug 06, 2016 8:24 pm

Can you paste your IPSEC setup here? I would be very grateful %)
Because I suspect the problem is in some other IPSEC parameters which I set wrong...
efaden
Forum Guru
Posts: 1708
Joined: Sat Mar 30, 2013 1:55 am
Location: New York, USA

Re: IPSec AES-256-GCM

Sat Aug 06, 2016 8:25 pm

I can't now, but later from a computer

Sent from my XT1575 using Tapatalk
IntrusDave
Forum Guru
Posts: 1286
Joined: Fri May 09, 2014 4:36 am
Location: Rancho Cucamonga, CA

Re: IPSec AES-256-GCM

Sat Aug 06, 2016 8:35 pm

GCM works well, but it is not hardware accelerated. Only the AES-CBC ciphers are accelerated.
Enable ipsec debug logging to see what is wrong with phase 2.
BlackVS
Member Candidate
Topic Author
Posts: 171
Joined: Mon Feb 04, 2013 7:00 pm

Re: IPSec AES-256-GCM

Sat Aug 06, 2016 8:37 pm

Thank you! For comparison, my current config is:

/interface gre
add allow-fast-path=no !keepalive local-address=A.A.A.A mtu=1420 name=gre-tunnel remote-address=B.B.B.B
/ip ipsec proposal
add auth-algorithms=null enc-algorithms=aes-256-gcm lifetime=33m20s name=PROPOSAL-Gcm pfs-group=none
/ip ipsec peer
add address=B.B.B.B enc-algorithm=aes-256 nat-traversal=no secret=XXXXXXX
/ip ipsec policy
add src-address=A.A.A.A dst-address=B.B.B.B protocol=gre sa-src-address=A.A.A.A sa-dst-address=B.B.B.B proposal=PROPOSAL-Gcm

All works if I change to sha1+AES-256-CBC (or CTR, or any other)...
BlackVS
Member Candidate
Topic Author
Posts: 171
Joined: Mon Feb 04, 2013 7:00 pm

Re: IPSec AES-256-GCM

Sat Aug 06, 2016 8:43 pm

GCM works well, but it is not hardware accelerated. Only the AES-CBC ciphers are accelerated.
Enable ipsec debug logging to see what is wrong with phase 2.
The problem with CBC is that it seems to be coded in one thread. I tested encrypted VPNs between CCRs, 100M channels and 40ms ping between them: one connection using AES-256-CBC gives only.... 2-3Mbit! Of course using more connections gives more speed... but not in the case of Samba sharing. Switching to Camellia-256 or AES-256-CTR gives ~30Mbit for a single connection. It is closer to the maximum possible ~50M (bearing in mind the TCPWindowSize issue). Of course they are not hardware coded, but hardware coding seems to be the bottleneck... Because I remember the time when AES-256-CBC gave the same speed (somewhere in 6.7...6.11).
GCM I think should give more speed. I hope.

PS: or does any way exist to switch off hardware "acceleration" except changing the encryption methods?
Last edited by BlackVS on Sat Aug 06, 2016 10:07 pm, edited 1 time in total.
BlackVS
Member Candidate
Topic Author
Posts: 171
Joined: Mon Feb 04, 2013 7:00 pm

Re: IPSec AES-256-GCM

Sat Aug 06, 2016 8:47 pm

Enable ipsec debug logging to see what is wrong with phase 2.
Sure. But what exactly is the question? And how is NAT related to this.... Both sides use global white IPs.
IntrusDave
Forum Guru
Posts: 1286
Joined: Fri May 09, 2014 4:36 am
Location: Rancho Cucamonga, CA

Re: IPSec AES-256-GCM

Sat Aug 06, 2016 8:50 pm

Who said anything about NAT?
You need to turn on the ipsec debug logging to see what the phase2 errors are.
BlackVS
Member Candidate
Topic Author
Posts: 171
Joined: Mon Feb 04, 2013 7:00 pm

Re: IPSec AES-256-GCM

Sat Aug 06, 2016 9:44 pm

Who said anything about NAT?
You need to turn on the ipsec debug logging to see what the phase2 errors are.
The debug log with errors is already in the 1st message of this topic.
PS: I can post the full log here, but the errors are shown only in these lines.
BlackVS
Member Candidate
Topic Author
Posts: 171
Joined: Mon Feb 04, 2013 7:00 pm

Re: IPSec AES-256-GCM

Mon Aug 08, 2016 2:55 pm

I can't now, but later from a computer
Sent from my XT1575 using Tapatalk
Just a gentle reminder %), thanks in advance.