How are people managing mobile/road warrior IPSEC inbound connections to RouterOS? I have a few users who need access to their local networks via IPSEC to which they'll be connecting from laptops anywhere, generally NAT'd behind something.
So, scenario would look something like this:
client (192.168.1.50) -> NAT gateway -> public Internet -> (fixed or dynamic IP) Mikrotik Router -> NAT'd local network (192.168.2.0/24)
NOTE that the client's IP will be dynamic, hence the road warrior label.
Clients would be a mix of Macs and linux clients capable of doing NAT-T.
Can RouterOS be configured for unique PSKs for each remote user?
Any config examples would be great - the wiki doesn't cover this.