Using DNS instead of IP with MikroTik Router as a VPN Client

Jotne · January 23, 2019, 7:46am

When you setup a VPN client, you need to input an IP to connect to. But what if the IP is not static?

Eks L2TP-Client setup

/interface l2tp-client
add connect-to=1.2.3.4 disabled=no ipsec-secret=my_secret name=home-server password=HardToGuess use-ipsec=yes user=RemoteSite

Connet-to can only contain IP and no DNS, so here is how I solved it. (There may be better solution)
I did setup a script that test the DNS every 24 hour and see if the IP changes, if so then update L2TP-client.

# get the current ip
:global currentIP
# get ip from DNS name
:local newIP [resolve my-server.dyndns.org]
# comapre old/new
:if ($newIP != $currentIP) do={
	# set VPN remote IP
	/interface l2tp-client set connect-to=$newIP [find name=home-server]
	# log changes
    :log info message="ip address $currentIP changed to $newIP"
	# set current IP to new IP
    :set currentIP $newIP
}

If someone has a better solution, please post

cdiedrich · January 23, 2019, 8:25am

I wonder which version of routerOS you are running.
connect-to nicely accepts fqdn. I’m connecting many devices with this.
-Chris

Jotne · January 23, 2019, 8:44am

Uff, my fault.

I see now that it does work with fqdn, not sure why it did not work before

One thing does does not accept fqdn that I do use in the same script is the remote logging host (Remote Address)