Mikrotik cannot fix a bug if they don't get enough information about it. So generate the supout.rif file and send it to email@example.com
. I am running several IPsec tunnels using various 6.42.x versions and things like this do not happen, so it is not a generic issue to happen to everyone.
I'd suggest you to follow the instructions in my automatic signature, as there may be something in your configuration which results in what you describe.
Plus add the output of /ip ipsec remote-peers print
, /ip ipsec policy print
, /ip ipsec installed-sa print
, of course after applying the systematic public IP address substitutions also on these data before posting them.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace each occurrence of any public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.