Code: Select all
Flags: T - template, X - disabled, D - dynamic, I - invalid, A - active, * - default
# PEER TUNNEL SRC-ADDRESS DST-ADDRESS PROTOCOL ACTION LEVEL PH2-COUNT
0 T * ::/0 ::/0 all
1 A TRANS-GW #1 yes 0.0.0.0/0 a.b.23.213/32 all encrypt require 1
2 A TRANS-GW #1 yes 0.0.0.0/0 c.d.30.0/24 all encrypt require 1
[rtradmin@host] /ip ipsec policy> :local test1 [/ip ipsec policy get 1 dst-address ]
[rtradmin@host] /ip ipsec policy> :put $test1
[rtradmin@host] /ip ipsec policy>
Code: Select all
:foreach i in=[/ip route find where distance=20 and bgp and gateway~"^a.b.*\$"] do={
:local prefix [/ip route get $i dst-address]
:put $prefix
:if ([/ip ipsec policy get [/ip ipsec policy find where dst-address=$prefix] dst-address] = $prefix) do={
:put found
} else={
:put notfound
}
}