ipsec tunnel

hello

I have two sites and I want to make a MikroTik-to-MikroTik IPsec tunnel. One MikroTik has a valid IP (static IP) and it is constant. The other MikroTik is connected to the internet through an ADSL modem, but I made a PPPoE client in the MikroTik and connect to the internet with that; the ISP gives me a static IP on DHCP and it changes every time. The PPPoE client interface name is 'internet'. Can anybody help me write a script for this?



I have this one, but it does not match my interface name and I don't know how to change the interface name and variables in this script. Please help me :)

/system script
add name=DHCP-VPN-UPDATE policy=\
    ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive source=":local WANip\
    \_[/ip address get [find interface=\"ether5\"] address]\r\
    \n\r\
    \n:log info \"Interface IP is \$WANip\"\r\
    \n\r\
    \n:local WANip [:pick \"\$WANip\" 0 ([:len \$WANip] - 3)]\r\
    \n\r\
    \n:log info \"IP sans the slash notation is \$WANip\"\r\
    \n\r\
    \n/ip ipsec policy set 0 sa-src-address=\$WANip"

best regards

You need scripts on both sides.
Create a DynDNS account; on the side with the dynamic IP, run a DynDNS update script.
You can find this script on this forum.
On the side with the static IP, run a script to update the IPsec policy.

# Set needed variables
:global previousIP
:global currentIP
:global redomain

# print some debug info
:log info ("remote-location-update: previous IP: $previousIP")

# get the current IP address from the internet
:set redomain [:resolve "yourdomain.dyndns.info"]
:set currentIP $redomain

# Determine if update is needed
# and set new SA Destination Address
:if ($currentIP != $previousIP) do={
    :set previousIP $currentIP
    :log info ("remote-location-update: new IP: $currentIP")
    /ip ipsec policy set 0 sa-dst-address=$currentIP
    /ip ipsec peer set 0 address=$currentIP
} else={
    :log info ("remote-location-update: no change")
}

On both sides, run the scripts from the scheduler every 15 min.

HTH,

Thank you so much.
My scripting knowledge is very low, so please teach me what those scripts are and exactly which scripts go on both sides, please.
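
An added example, not part of the thread and not any poster's own code: the dynamic-side script from the first post adapted to the PPPoE interface named `internet`, cutting the address at the slash instead of assuming a two-digit prefix, and touching the policy only when the address has changed. The names `wanIf`, `lastWanIp` and the `ipsec-src-update` log prefix are assumptions; `policy set 0` and `sa-src-address` are taken from the script posted above.

```routeros
# Added example for the dynamic-IP side; wanIf and lastWanIp are assumed names.
:local wanIf "internet"
:global lastWanIp

# A PPPoE client has no address while the link is down, so check before reading it.
:local addrIds [/ip address find interface=$wanIf]
:if ([:len $addrIds] = 0) do={
    :log warning ("ipsec-src-update: no address on " . $wanIf)
} else={
    # The address comes back as "a.b.c.d/nn"; cut at the slash instead of
    # assuming the prefix length is always two digits.
    :local cidr [/ip address get [:pick $addrIds 0] address]
    :local wanIp [:pick $cidr 0 [:find $cidr "/"]]

    :if ($wanIp != $lastWanIp) do={
        # Policy number 0 and sa-src-address are taken from the script in the first post.
        /ip ipsec policy set 0 sa-src-address=$wanIp
        :log info ("ipsec-src-update: SA source address set to " . $wanIp)
        :set lastWanIp $wanIp
    } else={
        :log info "ipsec-src-update: no change"
    }
}
```

This covers only the local SA source address on the dynamic side; the DynDNS update and the static-side script are the ones described in the reply above.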