Page 1 of 1

Access MT outside script error [Help]

Posted: Sat Dec 29, 2018 11:21 am
by khaloudy
]Hi all
a good day
i search about script to access my mikrotik outside my network via wan
i have static ip and i am connected via PPPoE Client
i get this script
but not connected via winbox or mikrotik android app
can help me please to do that?
best regards
# Define User Variables

:global ddnsuser “southbird”

:global ddnspass “mothana”

:global ddnshost “81.22.22.xxx”

# Define Global Variables

:global ddnsip

:global ddnslastip

:if ([ :typeof $ddnslastip ] = nil ) do={ :global ddnslastip “0” }

:global ddnsinterface

:global ddnssystem (“mt-” . [/system package get system version] )

# Define Local Variables

:local int

# Loop thru interfaces and look for ones containing

# default gateways without routing-marks

:foreach int in=[/ip route find dst-address=0.0.0.0/0 active=yes ] do={

:if ([:typeof [/ip route get $int routing-mark ]] != str ) do={

:global ddnsinterface [/ip route get $int interface] }

}

# Grab the current IP address on that interface.

:global ddnsip [ /ip address get [/ip address find interface=$ddnsinterface ] address ]

# Did we get an IP address to compare?

:if ([ :typeof $ddnsip ] = nil ) do={

:log info (“DDNS: No ip address present on ” . $ddnsinterface . “, please check.”)

} else={

:if ($ddnsip != $ddnslastip) do={

:log info “DDNS: Sending UPDATE!”

:log info [ :put [/tool dns-update name=$ddnshost address=[:pick $ddnsip 0 [:find $ddnsip "/"] ] key-name=$ddnsuser key=$ddnspass ] ] :global ddnslastip $ddnsip

} else={

:log info “DDNS: No update required.”

}

}

# End of script 

Re: Access MT outside script error

Posted: Sat Dec 29, 2018 11:32 am
by Jotne
Not sure what you are doing with the script.

If you like to use Winbox from outside the best solution is to setup a VPN to your router.
(if your router has dynamic IP, you can use the cloud function to find it)
If that can not be done, do use the following:
1. Upgrade router to latest stable release
2. Change away from default port
3. Use port-knocking
4. Set a long and good username/password

Re: Access MT outside script error

Posted: Sat Dec 29, 2018 11:48 am
by khaloudy
thank you for replay me
i forget to tell you i am using ip cloud ready
i am login via via winbox ready with static ip or ip cloud link ready

i want to login with my laptop or mobile via vpn
but i don't know how

best regrds

my network like that

modem bridge >>WAN >> MT (PPPoE_client with static ip ) hotspot - ip cloud - dhcp server - >> LAN + WLAN

i want login via wan vpn connection outside my network
do you know why sir?

i think i can get internet bandwidth from MT to my mobile or laptop
i see that in a friend network but not with mikrotik
with sophos server
i think its very near software and hardware from mikrotik
i hope you get me
sorry for my bad English language
best regards

Re: Access MT outside script error [Help]

Posted: Sat Dec 29, 2018 1:17 pm
by Jotne
Setup ipsec/l2tp vpn on your MT, then use your laptop to connect to it.

https://wiki.mikrotik.com/wiki/Manual:Interface/L2TP

Re: Access MT outside script error [Help]

Posted: Sat Dec 29, 2018 3:14 pm
by khaloudy
i did that
and no connection
but when i used PPTP server
i see connection established in log but not connected
in L2TP server no connection

#IN MIKROTIK
/ip pool add name=vpn-pool range=192.168.99.2-192.168.99.100
/ppp profile
set default local-address=192.168.99.1 remote-address=vpn-pool
/ppp secret
add name=1234 password=1234
/ip firewall filter
add chain=input protocol=udp port=1701,500,4500
add chain=input protocol=ipsec-esp
/interface l2tp-server server
set enabled=yes use-ipsec=required ipsec-secret=mySecret default-profile=default

================
IN PC
ADD VPN 
connection name : l2tp_VPN
Server Name Or IP: My Static ip
VPN Type = Automatic 
username :1234
password :1234

Re: Access MT outside script error [Help]

Posted: Mon Dec 31, 2018 10:02 pm
by khaloudy
i read more and more about
i find this
its working
i am conected now via vpn from my pc outside mt

but internet soooooooooooo slowwwwwwwwwwww
>>>> export
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1,md5 enc-algorithms=\
    aes-256-cbc,aes-192-cbc
/ip pool
add name=vpn ranges=6.6.6.2-6.6.6.100
/ppp profile
set *FFFFFFFE dns-server=8.8.8.8,163.121.128.134 local-address=6.6.6.1 \
    remote-address=vpn use-ipv6=no
/ppp secret
add name=xxxxx password=yyyyyy profile=default-encryption service=l2tp

/interface l2tp-server server
set enabled=yes ipsec-secret=123 keepalive-timeout=60 use-ipsec=yes

/ip firewall nat
    src-address=6.6.6.0/24

/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes


/system logging
add prefix=L2TPDBG topics=l2tp
add prefix=IPSECDBG topics=ipsec

how i can fix that?

Re: Access MT outside script error [Help]

Posted: Tue Jan 01, 2019 1:37 am
by khaloudy
help
thx

Re: Access MT outside script error [Help]

Posted: Tue Jan 01, 2019 2:14 am
by Jotne
I did setup l2tp/ipsec using a youtube video, do not remember what, but try a search.