Hi everybody! I´m beginner with Mikrotik and I get due Hex RB750gr with router os 6.40.4, I´m very happy because I read that this machine is amazing with configurations but I´m student and I try to improve every day (my english too 
)
The case is conect 2 diferent sites conected on internet with IPSEC and I show my stage:
The first step it´s reset configuration on mikrotik
my internet dealer it´s movistar (company from spain) and I example public ip x.x.x.A or x.x.x.B right, and then I have inside on my lan my Mikrotik using eth1 with dhcp and then eth2 with dhcp server each mikrotik with differents ip on site A 192.168.1.0/24 (network) and site B 192.168.2.0/24 and to navigate inside on the networks to out apply nat rule like
IP → FIREWALL → + [GENERAL] out interface: eth1 action masquerade
now I can navigate on internet inside of my network.
I would like to make tunel ip sec to share my things on LAN over internet (VPN)
I show my configuration on site A and the site B it´s the same but opposite configuration you get me
-IP → IPSEC → [PEERS] + Address: x.x.x.B , port 500, secret: ****, encriptation only AES128
-IP → IPSEC → [POLICIES] → [GENERAL] src_Address: 192.168.1.0/24, dst_Address: 192.168.2.0./24 [ACTION] tunel [*] src_Address X.X.X.A dst_Address: X.X.X.B
Then in IP->IPSEC-> [INSTALLED SAS] I can see stablished
now
-IP → FIREWALL → NAT → + [GENERAL] src_Address: 192.168.1.0/24, dst_Address: 192.168.2.0/24 [ACTION] Accept
but I can´t do ping to my contrary network and opposite can´t neither, which is my fail ??
Can we help me? if I connect my 2 mikrotik on lan I can do ping but over internet no why?
thanks you very much in advance