aboutsummaryrefslogtreecommitdiffstats

Update GRE configuration with dynamic addresses

⬅️ Go back to main README

ℹ️ Info: This script can not be used on its own but requires the base installation. See main README for details.

Description

Running a GRE tunnel over IPSec with IKEv2 is a common scenario. This is easy to configure on client, but has an issue on server side: client IP addresses are assigned dynamically via mode-config and have to be updated for GRE interface.

This script handles the address updates and disables the interface if the client is disconnected.

Requirements and installation

Just install the script:

$ScriptInstallUpdate update-gre-address;

... and add a scheduler to run the script periodically:

/system/scheduler/add interval=30s name=update-gre-address on-event="/system/script/run update-gre-address;" start-time=startup;

Configuration

The configuration goes to interface's comment. Add the client's IKEv2 certificate CN into the comment:

/interface/gre/set comment="ikev2-client1" gre-client1;

⬅️ Go back to main README
⬆️ Go back to top

generated by cgit v1.2.3-70-g09d2 (git 2.47.0) at 2024-11-01 22:49:36 +0000