Coming back to the initial issue, I would like to contribute some technical facts.
You need to choose the VPN technology according to your limiting factors. These could be:
- NAT/CNAT (https://en.wikipedia.org/wiki/Carrier-grade_NAT)
- dual-stack lite (https://en.wikipedia.org/wiki/IPv6_tran ... DS-Lite.29)
- restricted internet access (e.g. firewall)
For me, there are three VPN technologies which stand the test for almost all scenarios. Of course there are several other VPN technologies, but either they are considered insecure or not implemented on RouterOS, so my selection is:
- secure if configured correctly
- good throughput if you're using HW acceleration
- highly compatible with all kinds of devices, vendors and OS
- if you use L2TP, you have "real" interfaces which behave like physical interfaces
- "difficult" to configure right (in terms of security as you really need to understand what you're doing)
- not so well suited for NAT, "simple NAT" will work, CNAT mostly won't
- relatively sensitive to packet loss
- easy to configure (use proper SSL/TLS certificates, use PFS, use TLS 1.2, check server certificate and if you need/like to: check client certificate)
- works out of the box with Windows clients
- works in almost every scenario where port 443 is available
- works fine with "MikroTik <--> MikroTik" and "MikroTik <--> Windows"
- slow (as someone already mentioned: TCP-over-TCP is bad regarding throughput and latency)
GRE (over IPSec)
- not so common in the non-Windows world
- if used in conjunction with IPSec: same as (L2TP)/IPSec
- GRE by itself (without IPSec) is stateless
- it's stateless (can be a curse and a mercy at the same time)
- plain GRE has no authentication mechanism
Of course the mentioned pros and cons are not complete. I focused on what are, in my opinion, the most important facts.
Okay, I'll stop being a wise ass. To come back to the initial question: If you have one site connected by LTE you will probably run into (C)NAT issues, so you need to bite the bullet and use SSTP.
If (C)NAT is no issue, use (L2TP)/IPsec. All VPN technologies add additional encapsulation (translates to overhead), and are therefore decreasing throughput and increasing latency. So using VPN with 1MBit/s will result in a slow(er) connection between the two sites and there is nothing you can do about it :-/