I’m using a dynamic interface (OVPN client) in firewall rule as incomming/outgoing interface. When OVPN client is connected, it is working correctly. When the same OVPN client is disconnected and connected again, in the firewall rule there is invalid interface. It is probably caused becasue new interface ID is created for the new connection. Is there some way how to use dynamic interface in firewall rule and after client disconnection and connection will be the interface in firewall rule correct?
My idea is to run periodical script to check “/interface print”, find if the client is connected and then configure via a script the correct interface to firewall rule. For this case I have a problem to find interface with wildcard mask “ovpn-clientname*” - sometimes there is a new interface name created with a “-1” at the end:
ovpn-clientname
ovpn-clientname-1
If this is the correct way how to solve this issue, how it is possible to find interface name in the way: “ovpn-clientname*”?
OVPN server is running on RB where is the firewall rule configured, RB433AH, ROS 5.0, firmware last possible. If you need more details, please let me know. If there is other way how to solve this problem, I will be happy with sharing ideas
i have multiple openvpn server interfaces on a bridge (RB1200) but when i poweroff/poweron a client (rb750) the openvpn client does not fallback on the same openvpn server.
on the rb1200 side it is created dynamic. when i reset the client router through the menu it is ok…
is it a bug or… can someone help me to find a script to find dynamic openvpn interfaces and disable them and then reenable…?
something like that
[admin@MikroTik] > :foreach i in [/interface ovpn-server find dynamic=yes ] do={ :put $i }
*1e6d
*1eb6
Server thinks that tunnel is still up until timeout exceeds. So when Rb750 powers up it makes new tunnel. Set only-one=yes in ppp profile to allow only one tunnel.
