Community discussions

MikroTik App
 
hweeliangteo27
just joined
Topic Author
Posts: 1
Joined: Sun Mar 31, 2019 9:46 am

IPSec question

Sun Mar 31, 2019 9:54 am

Hi gurus,

Would the below work?

/ip ipsec policy sa-src-address=FQDN1 sa-dst-address=FQDN2

Or must static IP addresses be used? I was hoping to use DDNS.

Thanks!
 
User avatar
emils
Forum Veteran
Forum Veteran
Posts: 906
Joined: Thu Dec 11, 2014 8:53 am

Re: IPSec question

Mon Apr 01, 2019 10:23 am

Currently only IP addresses are allowed for SA parameters, however we have plans to change this pretty soon.
 
User avatar
Paternot
Forum Veteran
Forum Veteran
Posts: 953
Joined: Thu Jun 02, 2016 4:01 am
Location: Niterói / Brazil

Re: IPSec question

Mon Apr 01, 2019 3:57 pm

Currently only IP addresses are allowed for SA parameters, however we have plans to change this pretty soon.
This would be a blessing. Just do a DNS lookup upon establishing the connection, and another one if it is broken. There are a lot of people with dynamic IPs on both ends.
 
play01
just joined
Posts: 1
Joined: Wed Mar 20, 2019 8:22 pm

Re: IPSec question

Thu May 16, 2019 9:58 pm

Currently only IP addresses are allowed for SA parameters, however we have plans to change this pretty soon.
How can i solve this problem? I have 5 sites and everyone should see each other, but 2 sites have dynamic ip.

Is it possible to do it using a script with the ipcloud dns?
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: IPSec question

Fri May 17, 2019 5:50 pm

It's already in current beta, instead of entering SA addresses manually, policy is attached to peer and takes addresses from there. But using beta might be a little risky.

Who is online

Users browsing this forum: dmconde, mozerd, tangent and 40 guests