There is a four-letter word describing the situation, starting with letter ж.
Do you use L2TP over IPsec or a plain L2TP? In either case, the solution might be to capture the initial packet, analyse it using wireshark, compose a hex pattern matching that packet using the content match condition, and use it together with a size match condition in a rule which would add a short-lived item to /ip firewall address-list. A script scheduled for every second would look for that address-list item and if found, it would remove the existing /ip firewall connection, so the next retransmission of the initial packet would create a new connection and would also be treated as a connection-state=new packet.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.