Community discussions

MikroTik App
 
jaytee129
just joined
Topic Author
Posts: 4
Joined: Sun Mar 05, 2023 11:31 pm

putting remote VPN address in a variable if VPN is active

Tue Mar 14, 2023 11:32 pm

I'm sure this is easy stuff for a Mikrotik scripting veteran but I'm banging my head trying to find the way to do this.

If it exists, I'm trying to put a VPN remote address in a variable but am not finding how to do it in documentation.

I can get the following info using console commands but don't know how to get the remote-address into a variable:
/ip ipsec active-peers> print
Flags: R - responder, N - natt-peer 
 #    ID                   STATE              UPTIME          PH2-TOTAL REMOTE-ADDRESS                  DYNAMIC-ADDRESS                          
 0  N x.x.x.x        established        21m35s                  1 x.x.x.x                                                     
.
I also need to know when the VPN is not active, i.e. nil (missing) remote-address, like this at the console:
/ip ipsec active-peers> print
Flags: R - responder, N - natt-peer 
 #    ID                   STATE              UPTIME          PH2-TOTAL REMOTE-ADDRESS                  DYNAMIC-ADDRESS                          
.
As an alternative, is there also a way to pull out the "Flags" value because there's another place where I can grab this address and - if I can check the flags - I can know whether or not the VPN is active. There's an X as a Flag when it's not enabled. How do I put that into a variable in a script?
/ip ipsec peer> print
Flags: X - disabled, D - dynamic, R - responder 
 0 X   name="Proton VPN server" address=x.x.x.x/32 profile=Proton VPN profile exchange-mode=ike2 send-initial-contact=yes 
.
Any info would be appreciated
Last edited by jaytee129 on Wed Mar 15, 2023 3:02 pm, edited 1 time in total.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11982
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: putting remote VPN address in a variable if VPN is active  [SOLVED]

Wed Mar 15, 2023 12:39 am

1) but the peer must be active or give error
:put [/ip ipsec active-peers get ([find]->0) remote-address]

2) / 3) if is > 0 at least one active-peer is present
:put [:len [/ip ipsec active-peers find]]

Who is online

Users browsing this forum: No registered users and 18 guests