MikroTik Tutorial: Firewall ruleset for IPsec whitelisting
This article will show you how to set up a firewall whitelist for IPsec peer associations on a MikroTik router. The firewall ruleset uses address lists to allow UDP 500 traffic only from trusted networks.
The address list for trusted networks will be called ipsec-trusted-nets, and all other hosts that attempt IPsec traffic will be added to the list ipsec-uninvited.
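A minimal sketch of the ruleset described above, as an added example that is not the article's own configuration. The peer network 192.0.2.0/24, the one-day list timeout and the final drop rule are assumptions chosen for illustration; only the two list names and UDP 500 come from the text.

```routeros
# Added example, not from the original article.
# 192.0.2.0/24 is a constructed placeholder; replace it with your real peer networks.
/ip firewall address-list
add list=ipsec-trusted-nets address=192.0.2.0/24 comment="trusted IPsec peer network (placeholder)"

/ip firewall filter
# 1. Accept IKE (UDP 500) only when the source is on the trusted list.
add chain=input protocol=udp dst-port=500 \
    src-address-list=ipsec-trusted-nets action=accept \
    comment="IKE from trusted nets"

# 2. Any other source reaching UDP 500 is recorded in ipsec-uninvited.
#    This action does not terminate processing, so the packet continues
#    to the next rule. The 1d timeout is an assumption.
add chain=input protocol=udp dst-port=500 \
    action=add-src-to-address-list address-list=ipsec-uninvited \
    address-list-timeout=1d comment="record uninvited IKE sources"

# 3. Drop what was just recorded (assumed policy for untrusted sources).
add chain=input protocol=udp dst-port=500 action=drop \
    comment="drop IKE from untrusted sources"
```

Rules are evaluated top to bottom, so these three must sit above any broader accept rule in the input chain. Reviewing ipsec-uninvited with `/ip firewall address-list print where list=ipsec-uninvited` shows which hosts have probed UDP 500.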