Hi
A few years ago I wrote a script to detect and restart IPsec tunnels. (I know there was DPD, but I didn't like the lack of logging.) Recently I have got back into MikroTik, and found that when I am using WireGuard, if a peer dropped, at times the tunnel wouldn't re-establish even with keepalive etc. So I updated my script. I hope this helps some of you.
{
:log info "Wireguard Watchdog Started"
##### The host you want to ping ######
:local HOST "Remote IP"
##### Location of host ########
:local LOCATION "Name for Reference"
##### Interface to remote network #######
:local GW "Name of Interface with Gateway to network"
#### Ping timeout; increase or decrease as required #####
:local TIMEOUT "800ms"
#### How many tries (a number, so the comparison below is numeric) ######
:local COUNT 10
### If fewer than 8 successful replies, restart the WireGuard peer #####
:local LESSTHAN 8
##### WireGuard peer number, as listed by /interface/wireguard/peers/print #####
:local NO "3"
################################## DON'T EDIT BELOW ###################################
:log info "Looking for $HOST at $LOCATION"
:log info "Route to endpoint in $LOCATION is via $GW"
# /ping returns the number of replies received; below the threshold, bounce the peer
:if ([/ping interface=$GW $HOST interval=$TIMEOUT count=$COUNT] < $LESSTHAN) \
do={:log error "$HOST at $LOCATION is unreachable Tunnel to $LOCATION is Down Forcing Wireguard Tunnel Restart"; \
/interface/wireguard/peers/disable numbers=$NO; :delay 300ms; /interface/wireguard/peers/enable numbers=$NO } \
else={:log warning "Wireguard Tunnel to $LOCATION is OK Nothing to do"}
}