Hi,
we have found strange(?) behaviour in how MikroTik handles UDP packets. We have a MikroTik with an L2TP VPN connected to a VPN server. There are more servers behind the VPN server, processing data. Behind the MikroTik there is a device which sends UDP packets through the VPN to a server. The server sends UDP packets back to the device with some kind of data confirmation. We have found that when the VPN disconnects, UDP packets from the device destined for the server are correctly masqueraded and sent through the WAN. This is normal behaviour. BUT as soon as the VPN connects again, UDP packets from the device start to flow to the server through the VPN again, but with the SENDER IP incorrectly set to the WAN IP of the MikroTik, because they are also masqueraded. So the MikroTik is able to recognize the situation when it is necessary to start masquerading, but is not able to stop masquerading when the VPN is up again and packets start to go another way.
The solution to this problem is to delete the UDP connection in the list of connections in the Firewall window. We have also lowered the UDP timeout in Connection Tracking from 10 sec to 1 sec, and it seems to be solved for now.
But I would like to know whether this is an error in RouterOS or normal behaviour?
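
The following is an added illustration, not part of the original post and not RouterOS code: a simplified Python model of Linux-style connection tracking, in which the NAT decision is made once per tracked connection while the route is chosen per packet. That this model applies to the router in the post is an assumption; the addresses, the packet intervals and the names `Router` and `source_after_reconnect` are constructed for the example.

```python
from dataclasses import dataclass

WAN_IP = "203.0.113.10"           # constructed: router WAN address
DEVICE = ("192.168.88.50", 5000)  # constructed: device behind the router
SERVER = ("10.20.0.5", 6000)      # constructed: server behind the VPN server

@dataclass
class Entry:
    snat_ip: str      # source address chosen when the entry was created
    expires: float    # time at which the entry is dropped if idle

class Router:
    """Simplified model: routing is per packet, NAT is per connection."""
    def __init__(self, udp_timeout):
        self.udp_timeout = udp_timeout
        self.vpn_up = False
        self.conntrack = {}

    def forward(self, now, src=DEVICE, dst=SERVER):
        """Forward one UDP packet; return (out_interface, source_ip_on_wire)."""
        key = (src, dst)
        entry = self.conntrack.get(key)
        if entry is not None and entry.expires <= now:
            entry = None                        # idle too long: entry is gone
        out_if = "l2tp" if self.vpn_up else "wan"
        if entry is None:
            # Only the first packet of a connection is matched against NAT rules
            # (here: masquerade when leaving through the WAN interface).
            entry = Entry(WAN_IP if out_if == "wan" else src[0], now)
            self.conntrack[key] = entry
        entry.expires = now + self.udp_timeout  # every packet refreshes the timer
        return out_if, entry.snat_ip

    def remove_connections(self, dst_ip):
        """Model of deleting the tracked connection by hand."""
        self.conntrack = {k: e for k, e in self.conntrack.items() if k[1][0] != dst_ip}

def source_after_reconnect(udp_timeout, interval, remove=False):
    """Send while the VPN is down, reconnect, send again one interval later."""
    r = Router(udp_timeout)
    first = r.forward(now=0.0)
    r.vpn_up = True
    if remove:
        r.remove_connections(SERVER[0])
    return first, r.forward(now=interval)

if __name__ == "__main__":
    print(source_after_reconnect(10, 5))               # stale masquerade over VPN
    print(source_after_reconnect(1, 5))                # entry expired, clean source
    print(source_after_reconnect(1, 0.5))              # flow never idle: still stale
    print(source_after_reconnect(10, 5, remove=True))  # entry deleted: clean source
```

In this model the 1 sec timeout clears the stale mapping only when the flow pauses for longer than the timeout; a device sending every 0.5 sec keeps the old entry alive, while removing the entry works regardless of the interval.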