Microtik server, IKEv2 Win10 client. Win - IPSEC on PC’s certificates. ESP encryption. Nat traversal on ipsec profile, clients behind the (some other routers and different providers). Same question for all.
Fw 6.45.9 - works fine, big pings and big packets OK, connection fails after ~2 minutes becomes like “black hole”. OK. Wifi issue maybe, not intrested in.
Fw 6.46.6. Connects OK, big packets fails. From client to server MAX OK ping size is 1586 bytes, from Microtik to client 1614 bytes. Larger pings fails. File transfer fails, too.
MTU 1000 (for now), set by Win10 tcp settings. Provider MTU is about 1500, router mtu 1500..1300 and does no matter. Packet sniffer shows on 1614(Ok) 2 packets 996+638. On 1615-sized pings, nothing by icmp filter. Changing MSS with mangle works, but does no “Oh, THIS was the reason!” effect.
Any ideas?
Should i try BETA now? I didn’t find anything about phase2 or etc. in IPSEC changes.
Thanks for cooperations 
Maybe useful.
ip-firewall-filter rules-“defconf:fasttrack”, set DISABLE. It works now. Ping fails, BUT file transfer, udp, tcp OK.