I am trying to put together an IPsec tunnel between our RB 1100 and a Cisco ASA. We are simply making a secure tunnel between two servers. But I can't figure out why traffic is only routing properly one way.
Our tunnel establishes just fine and the server on the Cisco side can talk to the server on the MikroTik side just fine through the tunnel, but the traffic going from the server behind the MikroTik router tries to route through the web instead of the tunnel. On the routes table I have the IP of the remote server and the IP of our end of the tunnel as the gateway. Yes, the IP is the same as the server's normal gateway IP.
There is no NAT as these are all internet-routable IPs; our NAT table is empty.
All of the examples I found were a subnet-to-subnet tunnel; this is a single-IP-to-single-IP tunnel.
server 1 y.y.104.210
server 2 x.x.22.126
MikroTik tunnel end y.y.104.209
Cisco tunnel end n.n.123.238/32
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1 disabled=yes enc-algorithms=aes-128,aes-256 lifetime=30m name=default pfs-group=modp1024
add auth-algorithms=sha1 disabled=no enc-algorithms=aes-128,aes-256 lifetime=30m name="default proposal" pfs-group=modp1024
/ip ipsec peer
add address=n.n.123.238/32 auth-method=pre-shared-key dh-group=modp1024 disabled=no dpd-interval=2m dpd-maximum-failures=5 enc-algorithm=aes-256 exchange-mode=main generate-policy=no hash-algorithm=sha1 lifebytes=0 lifetime=1d my-id-user-fqdn="" nat-traversal=no port=500 proposal-check=obey secret=secret send-initial-contact=yes
/ip ipsec policy
add action=encrypt disabled=no dst-address=x.x.22.126/32 dst-port=any ipsec-protocols=esp level=require priority=0 proposal="default proposal" protocol=all sa-dst-address=n.n.123.238 sa-src-address=y.y.104.209 src-address=y.y.104.210/32 src-port=any tunnel=yes
 #      DST-ADDRESS        PREF-SRC        GATEWAY          DISTANCE
 0 A S  0.0.0.0/0                          z.z.28.93               1
 1 ADC  y.y.104.160/28     y.y.104.161     ether2                  0
 2 ADC  y.y.104.208/28     y.y.104.209     ether2                  0
 3 ADC  z.z.5.192/26       z.z.5.193       ether2                  0
 4 ADC  z.z.28.92/30       z.z.28.94       ether1-gateway          0
 5   S  x.x.22.126/32                      y.y.104.209             1
For some reason it reports the gateway as unreachable. I think this may be related to the problem but I don't know where to look next.
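As an added illustration (not part of the original post or any MikroTik code), the script below models the two checks worth running against the configuration shown: whether a packet between the two servers falls inside the host-to-host policy selectors, and whether a static route's gateway is a valid next hop. The redacted y.y / x.x / n.n / z.z octets are replaced with constructed RFC 5737 documentation addresses; the "policy matching is independent of which route carries the packet" behaviour is how RouterOS policy-based IPsec works, and the local-address rule is an assumption consistent with the "unreachable" state reported above.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample values standing in for the post's redacted addresses.
SERVER_1 = "192.0.2.210"        # y.y.104.210, behind the MikroTik
SERVER_2 = "198.51.100.126"     # x.x.22.126, behind the Cisco ASA
TUNNEL_END = "192.0.2.209"      # y.y.104.209, MikroTik tunnel end
# The router's own addresses (PREF-SRC column) and connected networks (ADC rows).
LOCAL_ADDRESSES = {"192.0.2.161", TUNNEL_END, "203.0.113.193", "203.0.113.94"}
CONNECTED = ["192.0.2.160/28", "192.0.2.208/28", "203.0.113.192/26", "203.0.113.92/30"]


@dataclass
class Policy:
    """Host-to-host IPsec policy mirroring the post's /ip ipsec policy entry."""
    src_address: str
    dst_address: str
    protocol: str = "all"
    action: str = "encrypt"

    def matches(self, src_ip: str, dst_ip: str, proto: str) -> bool:
        return (ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src_address)
                and ipaddress.ip_address(dst_ip) in ipaddress.ip_network(self.dst_address)
                and self.protocol in ("all", proto))


def classify_packet(policy: Policy, src_ip: str, dst_ip: str, proto: str = "tcp") -> str:
    """Policy-based IPsec matches the outgoing packet after routing, so a packet
    inside the selectors is encrypted even when it leaves via the default route."""
    return policy.action if policy.matches(src_ip, dst_ip, proto) else "bypass"


def gateway_state(gateway: str) -> str:
    """Assumed rule: a static route's gateway must be another host on a connected
    network; the router's own interface address is not a next hop."""
    gw = ipaddress.ip_address(gateway)
    if gateway in LOCAL_ADDRESSES:
        return "unreachable: gateway is a local interface address"
    if any(gw in ipaddress.ip_network(net) for net in CONNECTED):
        return "reachable"
    return "unreachable: gateway not on any connected network"


POLICY = Policy(src_address=f"{SERVER_1}/32", dst_address=f"{SERVER_2}/32")

if __name__ == "__main__":
    print(classify_packet(POLICY, SERVER_1, SERVER_2))        # encrypt
    print(classify_packet(POLICY, "192.0.2.211", SERVER_2))   # bypass (other host)
    print(gateway_state(TUNNEL_END))                          # unreachable ...
    print(gateway_state("203.0.113.93"))                      # reachable (default route next hop)
```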