Please for help, i am really new in this
My situation is:.
ISP — Cisco EPC3925 — Mikrotik
Cisco - Public IP: 89.216.xx.xx
LAN IP: 192.168.1.0/24
Mikrotik: IP: 192.168.1.252
On cisco I have forwarded udp ports 500, 4500, and 1701 to 192.168.1.252
Mikrotik should be L2TP/IPSec server. I have follow this tutorial:
http://www.nasa-security.net/mikrotik/mikrotik-l2tp-with-ipsec/
but on windows VPN client getting error 809.
Both, cisco and mikrotik has a NAT turned ON. Could it be the problem?
I could post Log if it can help…
Yes it’s problem, that what you have is a router which should put in bridge mode to on your MikroTik which is behind a router got a public address. but since the condition is almost impossible to put into bridge mode, asking the operator or provider that you replace it with a modem.
Now that you have set the configuration, you can IPSEC ends on a public address, and the address of your router in this cisco, and you’re set up of ipsec on Mikrotik who has a private address.
Can I do this if I move Public IP from Cisco to Mikrotik directly?
I think it is not possible to shift public IP address with this CISCO router on mikrotik. The only way you do that is to CISCO switch into bridge mode and that way you get to MikroTik public address.
Nemanja ,
I think I found a way to put up a Cisco router in bridge mode.
Thanks for informatio, are you maybe from Serbia? 
OK. If you mean on HTML Injection code? I try but without successfully. on the end I asked to give me just a modem.
Yes ( Jesam 
)
Can you give me please some contact, i have a couple questions if you could help me?