eugene one sended me this
Posted: Thu Aug 12, 2004 2:47 pm Post subject:
--------------------------------------------------------------------------------
I would configure something like the following:
/ip ipsec peer add address=1.1.1.2 secret=qazwsxedc generate-policy=no
/ip ipsec policy add sa-src-address=0.0.0.0 sa-dst-address=1.1.1.2 action=encrypt tunnel=yes <src- and dst- addresses as appropriate>
/system script add name=addr-refresh source={:foreach i in=[find] do {:if ([/ip address find address=[/ip route get $i preferred-source]]!="") do {:if([/ip address get [/ip address find address=[/ip route get $i preferred-source]] address]=[/ip dhcp-client lease get address]) do {:if ( [/ip ipsec policy get [/ip ipsec policy find sa-dst-address=1.1.1.2] sa-src-address] != [/ip route get $i preferred-source]) do {/ip ipsec policy set [/ip ipsec policy find sa-dst-address=1.1.1.2] sa-src-address=[/ip route get $i preferred-source] }}} }}
/system scheduler add name=run-15s interval=15s on-event=addr-refresh
it was to make ipsec connections from a dynamic ip adress to a static one...
but the script just doesn't work, i really tried everything... but i just don't see the fault...
i get this...
no sutch command or directory (find)
can someone check this
thxs
pascal