Hello, I would appreciate some assistance in writing a script to run in a Mikrotik router. I am trying to get a remote Mikrotik router to phone home by establishing an ovpn tunnel. I am able to deliver my local IP address to the remote router, and store it in its firewall address list. My local IP changes occasionally. The ovpn tunnel setup does not seem to have a way to directly use a variable for the connect-to address. I need help with a script to perform this. Here are details of the project: 1. Add an entry to the list to simulate a separate process that adds entries automatically. I have the this part working already. /ip firewall address-list add list=K7QJ address=97.11.22.33 2. Add the following ovpn tunnel to simulate an earlier entry in the router setting up the tunnel. This is a slightly edited version of a working tunnel. /interface ovpn-client add add-default-route=yes certificate=cert_export_client_QJ.crt_0 cipher=aes256 comment="Tunnel to K7QJ TS " connect-to=12.34.56.78 **** placeholder IP disabled=yes mac-address=00:11:22:33:44:55 name=Tnl_K7QJ password=abcdefg user=K7QJ_A 3. Here is where I need help..... Create a script that will scan the address list, locate the entry K7QJ, and put the address value (97.11.22.33) in a variable. 4. Add lines to the script that will edit the above tunnel setup as follows: connect-to=97.11.22.33 **** where the IP is recovered from the variable disabled=no **** and the tunnel goes live. Thanks for any help you might be able to offer. Rob K7QJ
It looks like connect-to can take either a name or an address: [eo@CR1] /interface ovpn-client> add connect-to= ConnectTo ::= Address | Name Name -- string value Address ::= A.B.C.D (IP address) Have you tried having your dynamic IP register with DNS, and then have the ovpn-client connect to that DNS? On the ovpn-server side, there's instructions from our Open Peering Policy page on how to configure Dynamic DNS: http://hamwan.org/Labs/Open%20Peering%20Policy.html#optionally-configure-dyn... Although Mikrotik also has their own "ip cloud" dynamic dns thing: https://wiki.mikrotik.com/wiki/Manual:IP/Cloud --Bart On 5/6/2020 2:36 AM, Rob Martin via PSDR wrote:
Hello,
I would appreciate some assistance in writing a script to run in a Mikrotik router.
I am trying to get a remote Mikrotik router to phone home by establishing an ovpn tunnel. I am able to deliver my local IP address to the remote router, and store it in its firewall address list. My local IP changes occasionally.
The ovpn tunnel setup does not seem to have a way to directly use a variable for the connect-to address. I need help with a script to perform this.
Here are details of the project:
1. Add an entry to the list to simulate a separate process that adds entries automatically. I have the this part working already.
/ip firewall address-list add list=K7QJ address=97.11.22.33
2. Add the following ovpn tunnel to simulate an earlier entry in the router setting up the tunnel. This is a slightly edited version of a working tunnel.
/interface ovpn-client add add-default-route=yes certificate=cert_export_client_QJ.crt_0 cipher=aes256 comment="Tunnel to K7QJ TS " connect-to=12.34.56.78 **** placeholder IP disabled=yes mac-address=00:11:22:33:44:55 name=Tnl_K7QJ password=abcdefg user=K7QJ_A
3. Here is where I need help..... Create a script that will scan the address list, locate the entry K7QJ, and put the address value (97.11.22.33) in a variable.
4. Add lines to the script that will edit the above tunnel setup as follows:
connect-to=97.11.22.33 **** where the IP is recovered from the variable disabled=no **** and the tunnel goes live.
Thanks for any help you might be able to offer.
Rob K7QJ _______________________________________________ PSDR mailing list PSDR@hamwan.org http://mail.hamwan.net/mailman/listinfo/psdr
Bart, Thanks for the response. I'll give it proper attention later tonight. Rob K7QJ On Wednesday, May 6, 2020, 04:48:53 PM PDT, Bart Kus <me@bartk.us> wrote: It looks like connect-to can take either a name or an address: [eo@CR1] /interface ovpn-client> add connect-to= ConnectTo ::= Address | Name Name -- string value Address ::= A.B.C.D (IP address) Have you tried having your dynamic IP register with DNS, and then have the ovpn-client connect to that DNS? On the ovpn-server side, there's instructions from our Open Peering Policy page on how to configure Dynamic DNS: http://hamwan.org/Labs/Open%20Peering%20Policy.html#optionally-configure-dyn... Although Mikrotik also has their own "ip cloud" dynamic dns thing: https://wiki.mikrotik.com/wiki/Manual:IP/Cloud --Bart On 5/6/2020 2:36 AM, Rob Martin via PSDR wrote:
Hello,
I would appreciate some assistance in writing a script to run in a Mikrotik router.
I am trying to get a remote Mikrotik router to phone home by establishing an ovpn tunnel. I am able to deliver my local IP address to the remote router, and store it in its firewall address list. My local IP changes occasionally.
The ovpn tunnel setup does not seem to have a way to directly use a variable for the connect-to address. I need help with a script to perform this.
Here are details of the project:
1. Add an entry to the list to simulate a separate process that adds entries automatically. I have the this part working already.
/ip firewall address-list add list=K7QJ address=97.11.22.33
2. Add the following ovpn tunnel to simulate an earlier entry in the router setting up the tunnel. This is a slightly edited version of a working tunnel.
/interface ovpn-client add add-default-route=yes certificate=cert_export_client_QJ.crt_0 cipher=aes256 comment="Tunnel to K7QJ TS " connect-to=12.34.56.78 **** placeholder IP disabled=yes mac-address=00:11:22:33:44:55 name=Tnl_K7QJ password=abcdefg user=K7QJ_A
3. Here is where I need help..... Create a script that will scan the address list, locate the entry K7QJ, and put the address value (97.11.22.33) in a variable.
4. Add lines to the script that will edit the above tunnel setup as follows:
connect-to=97.11.22.33 **** where the IP is recovered from the variable disabled=no **** and the tunnel goes live.
Thanks for any help you might be able to offer.
Rob K7QJ _______________________________________________ PSDR mailing list PSDR@hamwan.org http://mail.hamwan.net/mailman/listinfo/psdr
participants (2)
-
Bart Kus -
Rob Martin