IPSec IKEv2 TS_UNACCEPTABLE error

Hello,

anyone had problem with ipsec ikev2 tunnel with static policy rules?
i have 1 physical device and 1 virtual routeros

on physical everything works just ok but on virtual it returns error that policy doesn’t exist
problem is that on virtual routeros chr it doesn’t take DST network for selector value

working physical device:

non-working chr device

any ideas? other end is Google Cloud VPN

Thanks,

Anyone here can help? this is very problematic as Google allows only ipsec which completely doesn’t work on CHR and we need to route traffic trough hardware devices in other locations which cause huge performance drop.