Great content! Because both my Mikrotik and Ubuntu host were behind NAT devices, I had to make a few changes BUT it works amazing.
Ubuntu: add the auto=start to the connection remote the right and add a rightid (see below) that is set to the internal IP address of my router (example 192.168.1.1) change the IPs in the ipsec.secrets to match the leftid and rightid
Mikrotik: change the /ip ipsec identity to include the 'my-id=address:192.168.1.1', which matches the rightid above simplify the /ip ipsec policy to be: add dst-address={leftid above}/32 peer="DH_HO_Peer1" proposal="DH_HO_Proposal1" src-address={rightsubnet above}/24 tunnel=yes
Great content! Because both my Mikrotik and Ubuntu host were behind NAT devices, I had to make a few changes BUT it works amazing.
Ubuntu:
add the auto=start to the connection
remote the right and add a rightid (see below) that is set to the internal IP address of my router (example 192.168.1.1)
change the IPs in the ipsec.secrets to match the leftid and rightid
Mikrotik:
change the /ip ipsec identity to include the 'my-id=address:192.168.1.1', which matches the rightid above
simplify the /ip ipsec policy to be: add dst-address={leftid above}/32 peer="DH_HO_Peer1" proposal="DH_HO_Proposal1" src-address={rightsubnet above}/24 tunnel=yes