Allowing Connections From a Dynamic IP

ZER0SEN · July 5, 2017, 2:38pm

Hi all,

I’m quite new to Mikrotik and I’m not familiar with all the things routerOS can do. Which is why I’m going to ask my question here.

I’m currently setting up a simple pptp VPN from an office router to a remote site. Nothing too fancy or needing much security. I’ve managed to get things connected by creating a filter firewall rule based on the sites IP. The trouble is, the IP there is a dynamic one and will change without notice. Is there any way to have the firewall allow connections from the site based on DDNS or similar? It would eliminate the need to update the firewall manually whenever the site gets a new WAN IP.

Thanks for taking the time to answer my seriously noob question!

Yours,

ZER0SEN

Sob · July 5, 2017, 3:02pm

Sure, you can use address list:

/ip firewall address-list
add address=mydynamichostname.example.net list=vpn-client
/ip firewall filter
add action=accept chain=input src-address-list=vpn-client

Further limit filter rule to allow only PPTP, if you want.

ZER0SEN · July 5, 2017, 3:27pm

Sob,

I’ll give that a try. Thank you for taking the time!

-ZER0SEN