Community discussions

MikroTik App
 
mevara
just joined
Topic Author
Posts: 8
Joined: Thu Mar 09, 2023 9:33 am

How to optimize IKEv2 life test script?

Mon Mar 27, 2023 11:34 am

After upgrading to 7.8, the IKEv2 client does not automatically connect to the server. I need to manually turn off and on the IKE peer, after that the connection goes up as usual.
I use a script to check that the connection is established through the right channel (because the backup channel is with limited traffic). Additionally, a recursive routes check, so that two routes go to each wan "through the dns server".
Please tell me how to add a situation to this script to check if an IKE connection exists, and if not, to disable and enable the peer.
I did this, but it doesn't work well:
:if ([/ip/ipsec/active-peers print count-only]=0) do={
 :local ikeaddr "0"
} else={
 :local ikeaddr [/ip/ipsec/active-peers get [/ip/ipsec/active-peers find] local-address];
}
:if ($ikeaddr != "192.168.1.2") do={
 :if ($ikeaddr = "192.168.2.17") do={
  :log warning "Wrong IKEv2 way";
  :if ([ip route get [find routing-table="Out WAN1" gateway=8.8.4.4] active]||[ip route get [find routing-table="Out WAN1" gateway=1.0.0.1] active]) do={
   :log warning "reconnect IKEv2";
   /ip ipsec active-peers kill-connections;
  } else={
   :log warning "WAN1 is dead"
  }
 } else={
  :log warning "Reset IKE2 peer";
  /ip/ipsec/peer/disable "peer ike2";
  /ip/ipsec/peer/enable "peer ike2";
 }
}
192.168.1.2 - main WAN IP
192.168.2.17 - backup WAN IP

1. I don't know how to properly check if a connection exists. My version not works.
2. I can’t figure out how to write a script correctly so that the peer does not turn off while creating a connection (reconnection).
 
mevara
just joined
Topic Author
Posts: 8
Joined: Thu Mar 09, 2023 9:33 am

Re: How to optimize IKEv2 life test script?

Wed Mar 29, 2023 10:24 am

Message up
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: How to optimize IKEv2 life test script?

Wed Mar 29, 2023 12:26 pm

Contact support and ask to solve the problem, instead to try to find one alternate solution....
 
mevara
just joined
Topic Author
Posts: 8
Joined: Thu Mar 09, 2023 9:33 am

Re: How to optimize IKEv2 life test script?

Wed May 03, 2023 9:33 am

Contact support and ask to solve the problem, instead to try to find one alternate solution....
Unfortunately, support asked a clarifying question and has been silent for a month. During this time, several RC versions have been released.

Who is online

Users browsing this forum: zandhaas and 13 guests