Mikrotik IPSec VPN FailOver Script

This document discusses configuring automatic IPSec VPN failover on a router. It includes an example script that uses ping tests and IPsec policy disabling/enabling to fail over between a primary and secondary VPN if the primary connection fails. It also provides instructions on setting up a scheduler to periodically run the script to enable automatic failover. The configuration was implemented successfully in a lab environment.

Uploaded by

Sarwar Murshed

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

493 views1 page

Mikrotik IPSec VPN FailOver Script

Uploaded by

Sarwar Murshed

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

Hi Dear,

According to this topology, I applied an script in RouterA and it works.

[Link] (115.35 KiB) Viewed 92 times

IPSec VPN config in RouterA, it´s important the ID of the IPSec Policy (0 and 1 in this
example).

[Link] (16.23 KiB) Viewed 92 times

The next script is for automatic IPSec VPN failover.
{
:local PrimaryPolicy 0
:local SecondaryPolicy 1

:local PrimaryOK [:ping count=3 src-address=[Link] [Link]];

:local SecondaryOK [:ping count=3 src-address=[Link] [Link]];

:if ($PrimaryOK<3 and $SecondaryOK=3) do={

/ip ipsec policy disable $PrimaryPolicy;
/ip ipsec policy enable $SecondaryPolicy;
}
:if ($PrimaryOK=3) do={
/ip ipsec policy disable $SecondaryPolicy;
/ip ipsec policy enable $PrimaryPolicy;
}
}

Optionally, to run this script you can create a scheduler and customize a timer (This script has ID
0).

/system scheduler
add interval=10s name=RunScript on-event="system script run 0" policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon \
start-date=may/31/2019 start-time=[Link]

I implemented this in a laboratory and it works successfully.

MikroTik Hotspot Security Audit Guide
No ratings yet
MikroTik Hotspot Security Audit Guide
60 pages
Dual Wan Load Balacing With Failover Mikrotik - PROBAR!!!
No ratings yet
Dual Wan Load Balacing With Failover Mikrotik - PROBAR!!!
2 pages
Hardening Mikrotik Routeros: April 24, 2017 Mum Phnom Penh, Cambodia by Sarpich Rath (Peter)
No ratings yet
Hardening Mikrotik Routeros: April 24, 2017 Mum Phnom Penh, Cambodia by Sarpich Rath (Peter)
41 pages
MikroTik RouterOS Wireless Guide
No ratings yet
MikroTik RouterOS Wireless Guide
5 pages
Mikrotik Fast
No ratings yet
Mikrotik Fast
18 pages
OpenVPN Configuration Step by Step - MikroTik Wiki
No ratings yet
OpenVPN Configuration Step by Step - MikroTik Wiki
35 pages
Dlink DIR 803 Configuration Guide
No ratings yet
Dlink DIR 803 Configuration Guide
9 pages
Gamer Bandwidth Management Guide
No ratings yet
Gamer Bandwidth Management Guide
26 pages
Easy Hotspot - Documentation - Tutorial
No ratings yet
Easy Hotspot - Documentation - Tutorial
12 pages
Configuración de WAN con Failover
No ratings yet
Configuración de WAN con Failover
2 pages
MIKROTIK - FIREWALL - Firewall Marking
No ratings yet
MIKROTIK - FIREWALL - Firewall Marking
4 pages
MikroTik RouterOS Configuration Quiz
No ratings yet
MikroTik RouterOS Configuration Quiz
24 pages
RADIUS Error Messages and Solutions
No ratings yet
RADIUS Error Messages and Solutions
466 pages
MikroTik Script Writing and Sending Guide
No ratings yet
MikroTik Script Writing and Sending Guide
2 pages
Mikrotik ISP Configuration Guide
50% (2)
Mikrotik ISP Configuration Guide
17 pages
Hardening Mikrotik
No ratings yet
Hardening Mikrotik
11 pages
Implementing Proxy ARP for Subnet Gateways
No ratings yet
Implementing Proxy ARP for Subnet Gateways
9 pages
Firewall Mikrotik Basico
No ratings yet
Firewall Mikrotik Basico
2 pages
Mikrotik Configuration Guide
No ratings yet
Mikrotik Configuration Guide
17 pages
Mikrotik Bandwidth Scheduling Guide
No ratings yet
Mikrotik Bandwidth Scheduling Guide
2 pages
Diagaram Flow Packet Mikrotik
No ratings yet
Diagaram Flow Packet Mikrotik
6 pages
Layer 7 Firewall Configuration Guide
No ratings yet
Layer 7 Firewall Configuration Guide
3 pages
VoIP Best Practices: Firewall & VLAN
No ratings yet
VoIP Best Practices: Firewall & VLAN
4 pages
Load Balance Traffic MikroTik
No ratings yet
Load Balance Traffic MikroTik
25 pages
Mikrotik Home Network Setup Guide
No ratings yet
Mikrotik Home Network Setup Guide
29 pages
PCC LoadBalance3WANs
No ratings yet
PCC LoadBalance3WANs
4 pages
Configuring ISIS on Huawei Routers
No ratings yet
Configuring ISIS on Huawei Routers
7 pages
Mikrotik - Filter Firewall
No ratings yet
Mikrotik - Filter Firewall
2 pages
PCQ Configuration for Internet Plans
No ratings yet
PCQ Configuration for Internet Plans
2 pages
Comandos Fiberhome
No ratings yet
Comandos Fiberhome
10 pages
Login Page For Multiple Network On Mikrotik Hotspot
No ratings yet
Login Page For Multiple Network On Mikrotik Hotspot
10 pages
Cân Bằng Tải + Fail Over NetWatch
No ratings yet
Cân Bằng Tải + Fail Over NetWatch
5 pages
PPPoE With Mikrotik and Radius
No ratings yet
PPPoE With Mikrotik and Radius
55 pages
MikroTik Captive Portal Setup Guide
No ratings yet
MikroTik Captive Portal Setup Guide
65 pages
MikroTik Routers and Wireless - Training
No ratings yet
MikroTik Routers and Wireless - Training
6 pages
Debian Wi-Fi Hotspot Using CoovaChilli, FreeRadius, MySQL and daloRADIUS
No ratings yet
Debian Wi-Fi Hotspot Using CoovaChilli, FreeRadius, MySQL and daloRADIUS
9 pages
Tecnomet Internet PPPoE Configuration Guide
No ratings yet
Tecnomet Internet PPPoE Configuration Guide
5 pages
Config NE40
No ratings yet
Config NE40
37 pages
Mikrotik Static IP WAN - LAN PPPoE Server Config
No ratings yet
Mikrotik Static IP WAN - LAN PPPoE Server Config
4 pages
Cara Setting Mikrotik Anti NetCut Firewall Mikrotik
No ratings yet
Cara Setting Mikrotik Anti NetCut Firewall Mikrotik
2 pages
Mikrotik L2TP/IPsec VPN Setup Guide
No ratings yet
Mikrotik L2TP/IPsec VPN Setup Guide
1 page
Uso de Layer 7 Protocols
No ratings yet
Uso de Layer 7 Protocols
7 pages
Queue Tree - Mutiple Wan Interfaces - What Should Be The Parent - MikroTik
No ratings yet
Queue Tree - Mutiple Wan Interfaces - What Should Be The Parent - MikroTik
25 pages
Como Desligar o Telnet Da ONU e Desabilitar o Acesso Web Via WAN
No ratings yet
Como Desligar o Telnet Da ONU e Desabilitar o Acesso Web Via WAN
4 pages
Cisco and Huawei Command Reference Guide
100% (2)
Cisco and Huawei Command Reference Guide
125 pages
Basic Mikrotik Configuration With PPPoE Server
100% (1)
Basic Mikrotik Configuration With PPPoE Server
41 pages
Dynamic QoS Script for PPPoE
100% (2)
Dynamic QoS Script for PPPoE
5 pages
Setting Up Internet Access Server On Basis of Mikrotik Routeros and Isp Billing System Netup Utm5
No ratings yet
Setting Up Internet Access Server On Basis of Mikrotik Routeros and Isp Billing System Netup Utm5
9 pages
Mikrotik Firewall v6-0
No ratings yet
Mikrotik Firewall v6-0
16 pages
TL1 Commands Fiberhome
100% (1)
TL1 Commands Fiberhome
4 pages
FB BGP Community Signaling
No ratings yet
FB BGP Community Signaling
14 pages
Manual - CRS Examples - MikroTik Wiki
No ratings yet
Manual - CRS Examples - MikroTik Wiki
20 pages
Full Bandwidth Management Parent Queue Tree: Internet Connection
No ratings yet
Full Bandwidth Management Parent Queue Tree: Internet Connection
12 pages
Fail Over Ipsec Site-To-Site VPN With Backup Peer On Cisco Asa
No ratings yet
Fail Over Ipsec Site-To-Site VPN With Backup Peer On Cisco Asa
10 pages
Step by Step Configure Router Vyata 6.5.5
No ratings yet
Step by Step Configure Router Vyata 6.5.5
27 pages
IPsec Site-to-Site VPN Guide
No ratings yet
IPsec Site-to-Site VPN Guide
11 pages
Interop
No ratings yet
Interop
6 pages
VPN Setup Guide for Network Admins
No ratings yet
VPN Setup Guide for Network Admins
14 pages
KCSArticleDetail IPSec
No ratings yet
KCSArticleDetail IPSec
3 pages
Fortigate IPsec VPN Troubleshooting
No ratings yet
Fortigate IPsec VPN Troubleshooting
13 pages
Remote Office Patch Summary Report
No ratings yet
Remote Office Patch Summary Report
1 page
Og Fortiguard
No ratings yet
Og Fortiguard
7 pages
Cbs 350 Cli
No ratings yet
Cbs 350 Cli
1,512 pages
Installed Patches
No ratings yet
Installed Patches
4 pages
ISL Launches Wi Fi 6 Network For 1700 Students - and - Teachers
No ratings yet
ISL Launches Wi Fi 6 Network For 1700 Students - and - Teachers
2 pages
BIG-IP LTM CLI Command Guide
No ratings yet
BIG-IP LTM CLI Command Guide
8 pages
1 GRM Awa'ßi, Evsjv 'K
No ratings yet
1 GRM Awa'ßi, Evsjv 'K
153 pages
Hourly Bulletein 201300 UTC
No ratings yet
Hourly Bulletein 201300 UTC
6 pages
Asian DUE Client
No ratings yet
Asian DUE Client
1 page
Network Route Commands Guide
No ratings yet
Network Route Commands Guide
4 pages
Eos Eol Notice c51 740542
No ratings yet
Eos Eol Notice c51 740542
10 pages
Site Monitor Service Overview
No ratings yet
Site Monitor Service Overview
2 pages
Please Upgrade PDF
No ratings yet
Please Upgrade PDF
2 pages

Mikrotik IPSec VPN FailOver Script

Uploaded by

Mikrotik IPSec VPN FailOver Script

Uploaded by

Hi Dear,

According to this topology, I applied an script in RouterA and it works.

[Link] (115.35 KiB) Viewed 92 times

[Link] (16.23 KiB) Viewed 92 times

:local PrimaryOK [:ping count=3 src-address=[Link] [Link]];

:if ($PrimaryOK<3 and $SecondaryOK=3) do={

I implemented this in a laboratory and it works successfully.

You might also like