= Mikrotik VPN = We want Mikrotik to make l2tp connect to server when it check the webserver. [[br]] 1. Web server site 2. VPN server 3. l2tp Mikrotik client On Web server, we need to edit file '''out.txt''' for any vpn client to check the connect need or not. {{{ #!sh [krit@mini D4410D3300C8]$ pwd /home/krit/public_html/Tmp/D4410D3300C8 [krit@mini D4410D3300C8]$ cat out2.txt trueiot.io, tonic11, vpnPassw0rd, 1, [krit@mini D4410D3300C8]$ }}} In above, vpn server=trueiot.io, vpn username=tonic11, passwd=vpnPassw0rd, connect enable=1 (to disable connection this value will be 0) [[br]] Note: we need to have ''',''' at the end of line ex. '''1,''' , otherwise the script '''$conn'''below need to compare to "1\n" or "0\n". [[br]] VPN with l2tp config script {{{ #!sh 5 name="http_get_5" owner="admin" policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon dont-require-permissions=no last-started=feb/27/2021 00:36:10 run-count=10 source= { :local serialnum [/system routerboard get serial-number]; :put $serialnum; :local result [/tool fetch url="http://192.168.5.1/~krit/Tmp/$serialnum/out2.txt" as-value output=user]; :put $result; :local msg ($result->"data"); :put "---msg---"; :put $msg; :put "---msg 3 --"; :local myArray [:toarray [:pick $msg ([:find $msg ":"]) [:len $msg]]]; :local ipaddr [:pick $myArray 0]; :local uname [:pick $myArray 1]; :local passwd [:pick $myArray 2]; :local conn [:pick $myArray 3]; :put "ip: $ipaddr"; :put "user: $uname"; :put "passwd: $passwd"; :put "connect: $conn"; :put "------------"; :local serialnum [/system routerboard get serial-number]; :put $serialnum; :if ($result->"status" = "finished") do={ :if ( $conn = "0" ) do={ :log info "value is $conn disable l2tp-out1 for user $uname"; :put "value is $conn disable l2tp-out1 for user $uname"; /interface l2tp-client disable l2tp-out1; } else={ :put "edit user: $uname in l2tp"; :log info "edit user: $uname in l2tp"; /interface l2tp-client set connect-to=$ipaddr l2tp-out1; /interface l2tp-client set user=$uname l2tp-out1; /interface l2tp-client set password=$passwd l2tp-out1; /interface l2tp-client enable l2tp-out1; } } } [admin@MikroTik] > }}}