So with Brians "pressure" on me (HI) i think i have found the problem ... it it the tunnel keep alive
and now the questions
1)Does it necessary to turn it on ?
- why this uses source address of amprGW and destination of my local address maybe its a a bug in the Mikrotik tunnel ? what protocol keep alive uses ? is there anyone else here with mikrotik that have a keep alive open and know if he get same errors from AMPGW ?
Yes, that is probably the reason. You should simply turn it off. The tunnel keep alive packets are tunneled packets with source and destination address swapped. There is no standard for this, but it is a method used by other manufacturers as well. Apparently the expectation is that the remote end of the tunnel will just route the packets and return them on the same tunnel, just like a ping.
However, in your case one of the addresses is a 192.168 (RFC1918) address. Likely you are running your MikroTik behind another router that does NAT. That is not a good idea, you should try to get the real internet address on the MikroTik. With some ISPs it may be difficult because the use of the provided router is mandatory and it cannot be put in transparent mode. Setting "DMZ mode" in the router often causes additional problems.
Rob