Good day to all.
There is a SXTR LTE which is picking up ipsec ikev2 via mobile internet. Everything works fine. On lte1 interface appears dynamic ipsec tunnel address.
But....that's the problem.
Masquerade rule
add action=masquerade chain=srcnat ipsec-policy=out,none log=yes out-interface=lte1
When I try to connect to the internet instead of the real lte1 IP address I get a dynamic tunnel address in src-nat and respectively no connection is established.