If we had:
name=“rw-config” system-dns=yes address-pool=roadwarriorips address-prefix-length=32 responder=yes dst-address-list=roadwarriors
Then in the firewall we could reference the roadwarriors list and create dynamic firewalls for anyone connecting with the above mode-config.
This would be vastly better than defining a separate pool for each type of firewall policy, then trying to keep the mode-config, ip pool, and firewall address-list all in sync.
Technically, I’d ask for the address-list to become an optional parameter of the both the /ip ipsec mode-config and /ip ipsec identity, because both approaches have its advantages. It would not be a **dst-**address-list because it is a list to which the address assigned to the client would be added but in the firewall rules it can be used to match both source and destination addresses; the name **src-**address-list is used in /ip ipsec mode-config because the purpose is different, the address list referred to represents a collection of subnets, existing regardless whether the mode-config is in use or not, for which a src-nat rule has to be added dynamically in a scenario where the Mikrotik receives its own IP address via mode-config.
Formally, this forum is not the right channel for issuing feature requests. The right one is support@mikrotik.com.