# RouterOS console transcript (output of `print` commands, not a runnable script).
# It shows a GRE tunnel named FORTINET between 192.168.100.120 (local) and
# 192.168.100.110 (remote), addressed 172.16.1.2/30, protected by IPsec with a
# pre-shared key. The default route (0.0.0.0/0) points at the tunnel interface.
# The IPsec peer and identity carry the D (dynamic) flag and the same secret as
# the tunnel's ipsec-secret, so they were presumably generated from it -- confirm.
#
# NOTE(review): security-relevant settings visible in this output
#  - The GRE ipsec-secret and the identity secret are printed in clear as
#    "test1234", a short, guessable pre-shared key. Use a long random key and
#    redact it wherever this output is shared.
#  - Profile "default" (phase 1) uses enc-algorithm=des, hash-algorithm=sha1 and
#    dh-group=modp1024, all weak choices. Prefer e.g. aes-256, sha256 and
#    modp2048 or stronger, with matching settings on the remote peer.
#  - Proposal "default" (phase 2) uses enc-algorithms=null, i.e. ESP without
#    encryption. Tunnel payload is integrity-protected (sha1) but readable on the
#    path, even though the policy action reads "encrypt". Set a real cipher
#    (e.g. aes-256-cbc) and a stronger auth algorithm and pfs-group.
#  - Policy 1 matches 0.0.0.0/0 -> 0.0.0.0/0, protocol all; this is the broadest
#    possible selector. Narrow it to the traffic that must be protected.
#  - Firewall forward rule 1 accepts any source (0.0.0.0/0) arriving on FORTINET
#    towards 10.16.2.0/24. No drop rule appears in this listing, so the two
#    accept rules only log; they restrict nothing unless other rules exist that
#    are not shown -- confirm.
[admin@MikroTik] > ip address print Flags: X - disabled, I - invalid, D - dynamic # ADDRESS NETWORK INTERFACE 0 192.168.100.120/24 192.168.100.0 ether1-WAN 1 10.16.2.1/24 10.16.2.0 ether2-LAN 2 172.16.1.2/30 172.16.1.0 FORTINET [admin@MikroTik] > interface gre print Flags: X - disabled, R - running 0 R name="FORTINET" mtu=auto actual-mtu=1434 local-address=192.168.100.120 remote-address=192.168.100.110 dscp=inherit clamp-tcp-mss=yes dont-fragment=no ipsec-secret="test1234" allow-fast-path=no [admin@MikroTik] > ip ipsec profile print Flags: * - default 0 * name="default" hash-algorithm=sha1 enc-algorithm=des dh-group=modp1024 lifetime=1d proposal-check=obey nat-traversal=yes dpd-interval=2m dpd-maximum-failures=5 [admin@MikroTik] > ip ipsec proposal print Flags: X - disabled, * - default 0 * name="default" auth-algorithms=sha1 enc-algorithms=null lifetime=30m pfs-group=modp1024 [admin@MikroTik] > ip ipsec policy print Flags: T - template, B - backup, X - disabled, D - dynamic, I - invalid, A - active, * - default # PEER TUN SRC-ADDRESS DST-ADDRESS PROTOCOL ACTION LEVEL PH2-COUNT 0 T * ::/0 ::/0 all 1 A FO.. 
yes 0.0.0.0/0 0.0.0.0/0 all encrypt require 2 [admin@MikroTik] > ip ipsec peer print Flags: X - disabled, D - dynamic, R - responder 0 D name="FORTINET" address=192.168.100.110/32 local-address=192.168.100.120 profile=default exchange-mode=main send-initial-contact=yes [admin@MikroTik] > ip ipsec identity print Flags: D - dynamic, X - disabled 0 D ;;; FORTINET peer=FORTINET auth-method=pre-shared-key secret="test1234" generate-policy=no [admin@MikroTik] > ip firewall filter print Flags: X - disabled, I - invalid, D - dynamic 0 chain=forward action=accept src-address=10.16.2.0/24 dst-address=0.0.0.0/0 in-interface=ether2-LAN out-interface=FORTINET log 1 chain=forward action=accept src-address=0.0.0.0/0 dst-address=10.16.2.0/24 in-interface=FORTINET out-interface=ether2-LAN log [admin@MikroTik] > ip route print Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - mme, B - blackhole, U - unreachable, P - prohibit # DST-ADDRESS PREF-SRC GATEWAY DISTANCE 0 A S 0.0.0.0/0 FORTINET 1 1 ADC 10.16.2.0/24 10.16.2.1 ether2-LAN 0 2 ADC 172.16.1.0/30 172.16.1.2 FORTINET 0 3 ADC 192.168.100.0/24 192.168.100.120 ether1-WAN 0