IPSEC with main exchange mode in a NAT environment

Hi!

Some time ago I posted a little tutorial [1] for setting up an IPSec VPN connection with RouterOS when the MikroTik is behind a firewall.

That tutorial uses main exchange mode and needs the external WAN IP address of that office to be set in the ID field.

The option to change the ID in main mode was removed in RouterOS 6.22. Because of this, the ID used for main mode is the local address of the MikroTik, which differs a lot from the real WAN address.

I read something about using aggressive mode, but if the Cisco only accepts main mode we can’t do anything.

[1] http://forum.mikrotik.com/t/ipsec-vpn-tunnel-within-cisco-with-lots-of-inside-subnets/77386/1