# IPSec Peer/policy Updater forDynamic WAN addresses#==================================================# CONFIGURATION start#==================================================: Local Localfqdn"Local.fqdn-or-ip.domain.tld": Local Remotefqdn"Remote.fqdn-or-ip.domain.tld": Local Peertag"peer-comment": Local Policytag"policy-comment"# ==================================================# CONFIGURATION end#==================================================/IP DNS Cache flush:local localsite"0.0.0.0": Local Remotesite"0.0.0.0":if([: Tostr [: Toip $localfqdn]]! = $LOCALFQDN) Do={:SetLocalsite [: Resolve $localfqdn]}Else={:Setlocalsite $localfqdn}:if([: Tostr [: Toip $remotefqdn]]! = $REMOTEFQDN) Do={:SetRemotesite [: Resolve $remotefqdn]}Else={:Setremotesite $remotefqdn}:log info ("ipsec:setting Local to". $localsite."and remote to". $remotesite."." )/IP IPSec PolicySet[/IP IPSec policy Find comment="$policytag"] sa-src-address= $localsite sa-dst-address=$remotesite/IP IPSec peerSet[/IP IPSec peer find comment="$peertag"] Address="$remotesite/32"# ==================================================# END of script#==================================================
Mikrotik/ipsec Dynamic End points UPDATER.RSC