Greetings!
When creating Site-to-Site IPSec VPN tunnels, and MikroTik is behind NAT (like CHR at AWS, for example), there are cases where tunnels can’t get established because the packet is being sent from public IP, while IKE ID is local IP.
In such cases it would help if administrator could manually override IKE ID IP address with the one used as public IP.
Right now ( v6.34rc34 ), ‘My ID’ under ‘IPsec Peer’ can only be set to ‘auto’ which sends local IP, or ‘fqdn’/‘user fqdn’ which can’t be used in main mode.
Since administrator already knows what is the public IP address, the inability to explain that to MikroTik’s IPSec is really frustrating.
Thank you.