[HamWAN PSDR] Scripting help needed

Bart Kus me at bartk.us
Wed May 6 16:48:48 PDT 2020 

It looks like connect-to can take either a name or an address:

[eo at CR1] /interface ovpn-client> add connect-to=

ConnectTo ::= Address | Name
   Name -- string value
   Address ::= A.B.C.D    (IP address)

Have you tried having your dynamic IP register with DNS, and then have 
the ovpn-client connect to that DNS?

On the ovpn-server side, there's instructions from our Open Peering 
Policy page on how to configure Dynamic DNS:

http://hamwan.org/Labs/Open%20Peering%20Policy.html#optionally-configure-dynamic-ip-support

Although Mikrotik also has their own "ip cloud" dynamic dns thing:

https://wiki.mikrotik.com/wiki/Manual:IP/Cloud

--Bart


On 5/6/2020 2:36 AM, Rob Martin via PSDR wrote:
> Hello,
>
> I would appreciate some assistance in writing a script to run in a Mikrotik router.
>
> I am trying to get a remote Mikrotik router to phone home by establishing an ovpn tunnel. I am able to deliver my local IP address to the remote router, and store it in its firewall address list. My local IP changes occasionally.
>
> The ovpn tunnel setup does not seem to have a way to directly use a variable for the connect-to address. I need help with a script to perform this.
>
> Here are details of the project:
>
> 1.  Add an entry to the list to simulate a separate process that adds entries automatically. I have the this part working already.
>
> /ip firewall address-list
> add
>    list=K7QJ
>    address=97.11.22.33
>
> 2.  Add the following ovpn tunnel to simulate an earlier entry in the router setting up the tunnel. This is a slightly edited version of a working tunnel.
>
> /interface ovpn-client
> add
>    add-default-route=yes
>    certificate=cert_export_client_QJ.crt_0
>    cipher=aes256
>    comment="Tunnel to K7QJ TS "
>    connect-to=12.34.56.78           **** placeholder IP
>    disabled=yes
>    mac-address=00:11:22:33:44:55
>    name=Tnl_K7QJ
>    password=abcdefg
>    user=K7QJ_A
>
> 3.  Here is where I need help.....   Create a script that will scan the address list, locate the entry K7QJ, and put the address value (97.11.22.33) in a variable.
>
> 4.  Add lines to the script that will edit the above tunnel setup as follows:
>
>    connect-to=97.11.22.33       **** where the IP is recovered from the variable
>    disabled=no                            **** and the tunnel goes live.
>
> Thanks for any help you might be able to offer.
>
> Rob
> K7QJ
> _______________________________________________
> PSDR mailing list
> PSDR at hamwan.org
> http://mail.hamwan.net/mailman/listinfo/psdr

More information about the PSDR mailing list