Hi,
I haven’t done much with scripting but from what I know, the below command should work.
/ip ipsec policy set find [ sa-dst-address=x.x.x.x ] sa-src-address=y.y.y.y
Apparently NOT. (no ‘find’ after ‘set’ option)
I’m trying to change “sa-src-address” of a whole bunch of policies where sa-dst-address=x.x.x.x
Can someone tell me where my mistake is?
Thank you.
Where is your error?
Here:
The error is = no ‘find’ after ‘set’ option
/ip ipsec policy set find
If you type that out you will get a RED cursor on ‘f’, telling you no ‘find’.
Pressing TAB after ‘set’, you get following list displayed.
[admin@MikroTik] > /ip ipsec policy set
action dst-address ipsec-protocols protocol src-address tunnel
comment dst-port level sa-dst-address src-port numbers
disabled group proposal sa-src-address template
[admin@MikroTik] > /ip ipsec policy set
As you can see ‘find’ is not available.
Thank goodness you’re here to explain to me how it works, you know, I’ve never written scripts, I’m not capable of it…
rextended, you have always the option to refrain from commenting if you don’t understand the question AND don’t have anything useful to post…
giguard, if you open the square bracket after set, you will see the autocompletion commands applicable within the brackets:
(v7, but probably same syntax as v6)
[admin@MikroTik] > /ip ipsec policy set
action disabled dst-port ipsec-protocols numbers proposal sa-dst-address src-address template
comment dst-address group level peer protocol sa-src-address src-port tunnel
[admin@MikroTik] > /ip ipsec policy set [
group add comment disable edit enable export find move print remove reset set
[admin@MikroTik] > /ip ipsec policy set [ find sa-dst-address=x.x.x.x ] sa-src-address=y.y.y.y
Right, you are.
Now that’s out of my way I’m gonna have a cup of coffee. (Yup it’s Nescafe 
)
Not (completely related), any specific reason for running this version?
The first part you could have avoided writing, the second you could be right.