VPN connection issue

Hello all,

I have set up an L2TP IPsec VPN on my Mikrotik. I can connect from all of my devices with no issues. However, if I have two devices connecting to my Mikrotik from behind the same WAN IP, the second connection replaces the first under my “interfaces” tab and kills the connection. Any thoughts?

Thanks much,

Is NAT-T active on your Mikrotik?
/ip ipsec peer … nat-traversal=yes

Yes it is. See below.

[admin@MikroTik] > ip ipsec peer print
Flags: X - disabled
0 address=0.0.0.0/0 port=500 auth-method=pre-shared-key secret="******"
generate-policy=yes exchange-mode=main send-initial-contact=yes
nat-traversal=yes my-id-user-fqdn="" proposal-check=obey
hash-algorithm=sha1 enc-algorithm=3des dh-group=modp1024 lifetime=1d
lifebytes=0 dpd-interval=2m dpd-maximum-failures=5

I can’t explain why, but it seems to be impossible to call out more than 1 time from behind one WAN IP to IPsec-L2TP, even with NAT-T.

Well I appreciate you looking at that. Do you know how I make this a feature request/bug report?

I’ve experienced this too, my guess is that the generated policy is not created with ‘level=unique’…
Would be very nice if it worked though.

I think the problem is that the Mikrotik kernel or the l2tp-server does not implement IPsec SAref. File a feature request for IPsec SAref!