my final objective, it's to do this in a 4g card for failover purposes, but that's when scripting comes to play, and I don't have that level of knowledge, so if you have some tips, it would be great.
BTW=you have to manually add routes for your remote site. but it works fine!!
What is the actual question? Or are you just so happy that it works that you need to share ?
First, once you’ve set use-ipsec=yes in the /interface l2tp-client, you don’t need to configure a peer towards the L2TP/IPsec server manually as the l2tp astro clock creates a peer dynamically (so you end up with two peers).
Second, what kind of failover do you have in mind?
you can set up one L2TP/IPsec client via each WAN and have a failover between the two L2TP tunnels, but that requires one of the following:
two L2TP accounts at the server
multiple actual connections to be permitted for the same L2TP account, each with another IP address
support of L2 tunnels over L2TP and of STP on the server side (which I don’t know whether Meraki supports)
you may configure a single L2TP/IPsec tunnel, but let the IPsec “session” fail over between the WANs; this would be a less preferred solution to me as the failower would take much more time and involve scripting as it takes time until the IPsec connection notices the peer to stop responding and as the connection tracking in firewall keeps using the src-nat address with which the connection has been initially established as long as the connection doesn’t time out, and it never does because the IPsec peer keeps trying.
No “idea” can help with scripting, you need to read the scripting manual and spend some time trying. If you never had to do with algorithmic programming before, RouterOS scripting language is definitely not the best one for the beginner to start with (although some others are even worse).
So be more specific on what you want, what should be the resulting network topology, and whether you’ve programmed before or not, so that the response could be adjusted to all this.
?