According to the Wiki, as of ROS version 6.16 L2TP with IPsec is supported.
http://wiki.mikrotik.com/wiki/Manual:Interface/L2TP
I would like to use this VPN type for remote workers, but I am concerned that implementing IPsec to be used with L2TP will cause the existing static site to site IPsec peer connections to have a problem.
In the wiki example of implementing L2TP with IPsec, it suggests setting up the dynamic IPsec Peer settings with the commands:
0 D address=0.0.0.0/0 local-address=0.0.0.0 passive=yes port=500
auth-method=pre-shared-key secret=“123” generate-policy=port-strict
exchange-mode=main-l2tp send-initial-contact=yes nat-traversal=yes
hash-algorithm=sha1 enc-algorithm=3des,aes-128,aes-192,aes-256
dh-group=modp1024 lifetime=1d dpd-interval=2m dpd-maximum-failures=5
The wiki also warns that the configuration above may cause problems on routers with existing static peers. How can I configure a dynamic IPsec peer as the command above does, without breaking the static IPsec peer connection already in use?