Solved on client side. According to https://help.mikrotik.com/docs/display/ ... rOS-Output two rules on the client are required which do the job:
Code:
[admin@MI2] /ip/firewall> export
/ip firewall mangle
add action=mark-packet chain=output new-packet-mark=lo2tp protocol=udp src-port=1701
/ip firewall nat
add action=src-nat chain=srcnat packet-mark=lo2tp protocol=udp to-ports=17003
where the first rule catches locally originated packets from udp/1701 and marks them, and the second rule catches marked packets and rewrites them to another client port (17003). Respectively, the ipsec policy needs to be described in the following way:
Code:
/ip ipsec policy
add dst-port=1701 level=unique peer=remote_peer proposal=l2tp protocol=udp src-port=17003
and voila, it works.
Statistics: Posted by doka — Mon Jan 01, 2024 5:19 pm
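The setup in the post only holds together if the mangle mark, the src-nat rule and the IPsec policy agree with each other, since the policy's src-port selector has to equal the port the src-nat rule rewrites to. The following consistency check over an exported configuration is an added example, not part of the original post; the function names are hypothetical, and it assumes one `add` per line with no backslash line continuations.

```python
import shlex

# Configuration from the post above, with line breaks restored.
POSTED = """\
/ip firewall mangle
add action=mark-packet chain=output new-packet-mark=lo2tp protocol=udp src-port=1701
/ip firewall nat
add action=src-nat chain=srcnat packet-mark=lo2tp protocol=udp to-ports=17003
/ip ipsec policy
add dst-port=1701 level=unique peer=remote_peer proposal=l2tp protocol=udp src-port=17003
"""

def parse_export(text):
    """Return {menu path: [dict of key=value pairs, one per 'add' line]}."""
    menus, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("/"):
            current = line
            menus.setdefault(current, [])
        elif line.startswith("add ") and current:
            pairs = (tok.split("=", 1) for tok in shlex.split(line[4:]) if "=" in tok)
            menus[current].append(dict(pairs))
    return menus

def check_l2tp_port_rewrite(text, l2tp_port="1701"):
    """Return a list of problems; an empty list means the three rules agree."""
    cfg = parse_export(text)
    # Marks set on locally originated L2TP packets (output chain, udp/1701).
    marks = {r["new-packet-mark"] for r in cfg.get("/ip firewall mangle", [])
             if r.get("action") == "mark-packet" and r.get("chain") == "output"
             and r.get("protocol") == "udp" and r.get("src-port") == l2tp_port
             and "new-packet-mark" in r}
    if not marks:
        return ["no output-chain mangle rule marks udp src-port " + l2tp_port]
    # Source ports that marked packets are rewritten to.
    ports = {r["to-ports"] for r in cfg.get("/ip firewall nat", [])
             if r.get("action") == "src-nat" and r.get("packet-mark") in marks
             and "to-ports" in r}
    if not ports:
        return ["no src-nat rule matches the packet mark set by mangle"]
    policies = [p for p in cfg.get("/ip ipsec policy", [])
                if p.get("protocol") == "udp" and p.get("dst-port") == l2tp_port]
    problems = [] if policies else ["no udp ipsec policy with dst-port " + l2tp_port]
    for p in policies:
        if p.get("src-port") not in ports:
            problems.append("policy src-port %s does not match src-nat to-ports %s"
                            % (p.get("src-port"), sorted(ports)))
    return problems
```

A non-empty result means L2TP packets leave with a source port the policy does not select, so they would not be matched by that IPsec policy.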