One of the solution would be to bypass ike id check:
https://kb.juniper.net/InfoCenter/index?page=content&id=KB27302&actp=search
In SRX, this done in " security ike gateway " hierarchy. However it is not valid hierarchy on MX80 MIC.
What I have found out - on MX80 MIC it is possible to bypass ike id check in dynamic endpoints configuration mode (with access profiles). However I would need static end point configuration.
I also found out that following sections are optional on SRX:
set security ike gateway gateway ?
Possible completions:
......
general-ikeid Accept peer IKE-ID in general <------------------
...
> local-identity Set the local IKE identity
> remote-identity Set the remote IKE identity
distinguished-name Use a distinguished name <-------------------
Those two allow to bypass remote-ike-id check on SRX. However there is no equivalent on MX80 MIC ...
Anybody knows?