We have about 50 AP’s and about 200-250 clients connecting to the various AP’s randomly. Basically lots of vehicles moving around constantly.
I want a script that will run either on the AP or on the clients that will force changes on the clients. For example. If I want all clients to start using a different NTP server for example, I would like to automate that change. My clients are not always online, so I need scripts to run so that when they are online, they will download and/or update their configuration changes if necessary.
I very familiar with working with the RouterOS and what commands I would type on the command line etc to cause the changes I want, but the scripting is not something that I can follow very well. I can probably figure out the scheduling of the script, but writing the script is an issue for me.
Can I cause the router’s to download an entirely NEW configuration file & apply it, or can I at cause them to receive configuration changes via scripting?
I’ve looked at the examples etc, but I just don’t understand the scripting language enough to create my own script.
The simplest approach is to have the APs that you call clients pull a file via “/tool fetch”, and then import it. Publish a file that contains configuration changes as you’d do them on the CLI under a known name on a known server, and a scheduled script fetches that file and imports it. Of course the file being fetched must be safe to execute multiple times, since a client will fetch it whenever scheduled.
# delete any existing file
/file remove [/file find name="config-update.rsc"];
# fetch new file
/tool fetch mode=ftp address=1.1.1.1 user=myFTPuser password=myPassword src-path="/config-update.rsc" dst-path="config-update.rsc";
# import it
/import file-name="config-update.rsc";
An alternative approach that’s a little bit more complicated is to have each AP fetch a file based on its software ID. You can then, for example, write a server side program (PHP, whatever) that uses that software ID to serve a configuration script to an AP - that way you can record that it already fetched a change and just serve it an empty file, or you could customize what each AP is being served.
# delete any existing file
/file remove [/file find name="config-update.rsc"];
# fetch file specific for this AP
:local ID [/system license get software-id];
:local resource ("/getConfig.php?softwareID=" . $ID);
/tool fetch mode=http address=1.1.1.1 src-path=$resource dst-path="config-update.rsc";
# import it
/import file-name="config-update.rsc";
Ok, that might work fine for us for now. I will do some testing and repost my results. Ultimately, we’d like to get to a point where we could send unique files to AP’s based on their MAC address (since they all have identical code).
Right now we have pressure on us to get all the stations OFF a certain NTP server, and this should do the trick.
I think using the software ID would be better than using a MAC address. You can (and might) administratively change MAC addresses, software IDs are truly unique to a unit.
Good luck.
That does seem to be working, but I do have issues with overwriting the previous script and other sections if they already exist. I’ve tried using the “remove” command and in conjunction with the “print” command like you would in a telnet session, but it does not seem to function properly when importing the file. Any ideas on the best way to overwrite existing values when importing the config file?