Changes between Version 11 and Version 12 of Mikrotikvpn

Timestamp:

03/08/21 04:58:51 (4 years ago)

Author:

krit

Comment:

--

Mikrotikvpn

@@ -100 +100 @@
 }}}
 
+
+Better version of VPN
+{{{
+:local serialnum [/system routerboard get serial-number];
+:put $serialnum;
+:local name1 [/system identity get name];
+:put $name1
+:local result [/tool fetch url="http://trueiot.io/~pong/SF19/$name1/cmd.txt" as-value output=user];
+:put $result;
+:if ($result->"status" = "finished") do={
+    :local msg ($result->"data");
+    :put "---msg---";
+    :put $msg;
+    :put "---msg 3 --";
+    :local myArray [:toarray [:pick $msg ([:find $msg ":"]) [:len $msg]]];
+    :local ipaddr [:pick $myArray 0];
+    :local uname [:pick $myArray 1];
+    :local passwd [:pick $myArray 2];
+    :local conn [:pick $myArray 3];
+    :put "ip: $ipaddr";
+    :put "user: $uname";
+    :put "passwd: $passwd";
+    :put "connect: $conn";
+    :put "------------";
+
+    :if ( $conn = "0" ) do={
+        :log info "value is $conn disable l2tp-out1 for user $uname";
+        :put "value is $conn disable l2tp-out1 for user $uname";
+        /interface l2tp-client disable l2tp-out1;
+        /ip route remove [find dst-address=10.50.30.0/24]
+    } else={
+        :if ( [/ping 10.50.30.254 count=3 size=64 interval=2s]=0 ) do={
+            :log error "----VPN didn't connect";
+            :put "edit user: $uname in l2tp";
+            :log info "edit user: $uname in l2tp";
+            /interface l2tp-client set connect-to=$ipaddr l2tp-out1;
+            /interface l2tp-client set user=$uname l2tp-out1;
+            /interface l2tp-client set password=$passwd l2tp-out1;
+            /interface l2tp-client enable l2tp-out1;
+            /ip route add dst-address=10.50.30.0/24 gateway=10.50.30.254
+        } else={
+            :log info "----VPN already connect";
+        }
+    }
+}
+
+}}}
+
+
 Add firewall rule to allow ssh from WAN 
 {{{