Mikrotik script to update a dynamic DNS host and IPsec policy
##############Script Settings################## | |
:local DDNSUser "username" | |
:local DDNSPass "password" | |
:local DDNSDomain "yourhost.ddns.net" | |
:local DDNSServer "https://members.dyndns.org/v3/update" | |
:local WANInter "pppoe-out1" | |
############################################### | |
:local IpCurrent [/ip address get [find interface=$WANInter] address]; | |
:for i from=( [:len $IpCurrent] - 1) to=0 do={ | |
:if ( [:pick $IpCurrent $i] = "/") do={ | |
:local NewIP [:pick $IpCurrent 0 $i]; | |
:if ([:resolve $DDNSDomain] != $NewIP) do={ | |
/tool fetch mode=https user=$DDNSUser password=$DDNSPass url="$DDNSServer\3Fhostname=$DDNSDomain&myip=$NewIP" keep-result=no | |
:log info "DDNS Update: $DDNSDomain - $NewIP" | |
:log info "IPsec: Updating IPsec Policy." | |
/ip ipsec policy set [find comment="myIPsec"] sa-src-address=$NewIP | |
:log info "IPsec: IPsec Policy updated." | |
} | |
} | |
} |
This comment has been minimized.
This comment has been minimized.
Yes, it should work fine. |
This comment has been minimized.
This comment has been minimized.
Hello...do you have script using MikroTIks cloud ID service? I need to setup a IPSEC /GRE VPN using Dynamic IP in both ends. |
This comment has been minimized.
This comment has been minimized.
No, I don't have a script for Mikrotik's Cloud ID service since it was not available when I created this script. If you use Cloud ID, I guess you don't need to update the DNS record as this will be done automatically by the service. However, you still have to make sure to update the IPsec policy when the IP changes. Just compare the IP configured in IPsec with the current IP resolved by the DNS and update the IPsec config if they are different. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
Hello, what version of RouterOS is this for? Will it work with 6.37.x? Thanks.