Hi,
I have setup RoadWarrior remote office behind NAT.
I use IKEv2 with mode-conf.
I have found that I can route all traffice from remote office over the tunnel via dynamic NAT rule generation.
https://wiki.mikrotik.com/wiki/Manual:IP/IPsec#Enabling_dynamic_source_NAT_rule_generation
Which is fine but I would like to limit this rule to only route remote subnet. If I create a static rule it stops working when the tunnel is recreated because the assigned IP is not static.
I do not use Radius (NPS) to assign fixed IP..
Is there any other way.. I think I could try and Mark packets..
But it would be I nice feature just to tick it in Winbox…