IPSEC - between BIGIP and Mikrotik router

Hi,

 

I would like help in the best way to configure IPSEC Tunnel in BIGIP to provide access to the company's internal server network to external client with mikrotik router

 

Scenario:

 

SIDE A - external internet client wants to access the internal services of the Ipsec tunnel with Mikrotik router.

 

side B - Server - 02 Bigip 2200S active / passive configuration having external vlan connected to 2 links from different providers providing redundancy to the internet access. The internal vlan communicates through a gateway network (172.18.x.x) that connects the internal vlan of the BIGIP to the Firewall Fortigate, where it is created the policies for the internal network and DMZ.

 

The idea would be to close the IPSEC tunnel directly in the BIGIP and this route the internal traffic to the Firewall Fortigate where the access permissions will be created.

 

In view of the above scenario, we would like you to point out the least modifying our existing topology.