Tunnel aktif
—
established
Total tunnel
0
Registered Tunnel
Rekey soon
—
dalam 10 menit
Tunnel down
—
Down
Semua tunnel — active & down
—| Pelanggan / site | Remote address | Enkripsi | Mode | State | Uptime | Traffic (5m) | Rekey in |
|---|
Alert log
// Memuat data alert...
Stack collector
POLLING
Node-RED
HTTP GET · setiap 30s
WRITE
InfluxDB
bucket: vpn_ipsec
READ
Grafana
Flux query · dashboard
ALERT
Fonnte WA
trigger saat DOWN
Status tunnel
—Router uptime log
99.47%
—hari ini
Active peers — Phase 1 established
| # | Remote address | Local address | Enkripsi | Hash | State | Uptime | Side |
|---|
Established
—
tunnel aktif
Down
—
tidak ada SA
Rekeying
—
SA renewal
Total
—
semua tunnel
Active peers — /ip/ipsec/active-peers
| # | Nama site / Comment | Remote ID | Remote IP | Tunnel subnet | Enkripsi / Hash | State | Uptime | RX | TX | Rekey in |
|---|
Tambah site baru
Nama site
Komentar
Remote ID (FQDN)
Pre-shared key
Subnet remote
Config spoke (sisi client)
Salin ke router MikroTik sisi client:
/ip ipsec peer
add address=103.190.220.25/32 exchange-mode=ike2 name=peer-branch
/ip ipsec identity
add auth-method=pre-shared-key generate-policy=port-override \
my-id=fqdn:[REMOTE_ID] peer=peer-branch \
remote-id=fqdn:[REMOTE_ID] secret="[PSK_SITE]"
/ip ipsec policy
add dst-address=10.0.0.0/8 peer=peer-branch \
src-address=[SUBNET_LOCAL] tunnel=yes
Daftar site terdaftar
| # | Nama site / komentar | Remote ID | Peer | Auth method | Status tunnel | Aksi |
|---|
Test koneksi ke VPN server
HTTPS reachability
GET /rest/system/identity
idle
—
REST API auth
GET /rest/system/resource
idle
—
IPSec active-peers
GET /ip/ipsec/active-peers
idle
—
IPSec installed-sa
GET /ip/ipsec/installed-sa
idle
—
Response
// Klik "Run all tests" untuk test koneksi ke vpnsec.primacom.id
Koneksi VPN server
Host / domain
Port HTTPS
IP publik
103.190.220.25
SSL certificate
Let's Encrypt · valid 89 hari
Expires
17 Jul 2026
RouterOS
7.12.1 (stable)
Board
CHR · x86_64 · Intel
Kredensial REST API
Username
Password
Auth method
HTTP Basic Auth
Group policy
read · api
SSL verify
Base URL
/mikrotik/rest
IPSec profile — Phase 1
Profile name
primacom-p1
Exchange mode
IKEv2
Hash algorithm
Enc algorithm
DH group
Lifetime
DPD interval
DPD max failures
IPSec proposal — Phase 2
Proposal name
primacom-p2
Auth algorithms
Enc algorithms
PFS group
Lifetime
Peer hub config
Peer name
primacom-hub
Address
0.0.0.0/0 (accept all)
Mode
passive=yes · responder
Send initial contact
no
Node-RED collector
Node-RED URL
Poll interval
Endpoint polling
/rest/ip/ipsec/active-peers
InfluxDB bucket
InfluxDB org
Alert trigger
Fonnte token
NOC WA number
Informasi sistem (live)
Uptime
—
CPU load
—
Free memory
—
Free disk
—
Architecture
x86_64
Platform
MikroTik CHR
Version
7.12.1 (stable)
Build time
Nov/17/2023 11:38:45