Hello,
I have scenario with multiple site-to-site VPN's using IPSec Tunnel mode, with dynamic IP ranges and using BGP.
On latest MikroTik 7, i have to manually specifcy all source / destination IP address ranges in IPSec policies (tunnel mode) which makes the BGP routing hard to sync with IPSec policies
Example, on Cisco devices, when you have IPSec Tunnel mode, it is visible as "tunnel" interface, which makes it easier to specify source/destination IP addreses used for IPSec , for example when using BGP.
What are best practices to handle dynamic ip address ranges when using BGP routing, with IPSec policies on RouterOS ?