IPSec Monitor — pantaujaringan.id

Tunnel aktif

36

established

Total tunnel

0

terdaftar di hub

Rekey soon

3

dalam 10 menit

Tunnel down

2

butuh tindakan

Active peers — /ip/ipsec/active-peers

Lihat semua →

Pelanggan / site	Remote address	Enkripsi	Mode	State	Uptime	Traffic (5m)	Rekey in

Alert aktif

// Memuat data alert...

Stack collector

POLLING

Node-RED

HTTP GET · setiap 30s

WRITE

InfluxDB

bucket: vpn_ipsec

READ

Grafana

Flux query · dashboard

ALERT

Fonnte WA

trigger saat DOWN

Uptime 30 hari

99.47%

—hari ini

Active peers — Phase 1 established

#	Remote address	Local address	Enkripsi	Hash	State	Uptime	Side

Established

—

tunnel aktif

Down

—

tidak ada SA

Rekeying

—

SA renewal

Total

—

semua tunnel

Semua tunnel — /ip/ipsec/active-peers

#	Nama site / Remote address	Enkripsi	Mode	State	Uptime	RX	TX	Rekey in	Side

Tambah site baru

Nama site

Komentar

Remote ID (FQDN)

Pre-shared key

Subnet remote

Config spoke (sisi client)

Salin ke router MikroTik sisi client:

/ip ipsec profile
add name=primacom-p1 hash-algorithm=sha256     enc-algorithm=aes-256 dh-group=modp2048     lifetime=8h dpd-interval=30s

/ip ipsec proposal
add name=primacom-p2 auth-algorithms=sha256     enc-algorithms=aes-256-cbc     pfs-group=modp2048 lifetime=1h

/ip ipsec peer
add name=primacom-vpn     address=45.32.108.20/32     exchange-mode=ike2     profile=primacom-p1

/ip ipsec identity
add peer=primacom-vpn     auth-method=pre-shared-key     secret="[PSK_SITE]"     my-id=fqdn:[REMOTE_ID]     remote-id=fqdn:hub.primacom.co.id

/ip ipsec policy
add peer=primacom-vpn     src-address=[SUBNET_LOCAL]     dst-address=10.100.0.0/24     tunnel=yes action=encrypt     proposal=primacom-p2

/ip firewall nat
add chain=srcnat action=accept     src-address=[SUBNET_LOCAL]     dst-address=10.100.0.0/24     place-before=0

Daftar site terdaftar

#	Nama site / komentar	Remote ID	Peer	Auth method	Status tunnel	Aksi

Test koneksi ke VPN server

HTTPS reachability

GET /rest/system/identity

idle

—

REST API auth

GET /rest/system/resource

idle

—

IPSec active-peers

GET /ip/ipsec/active-peers

idle

—

IPSec installed-sa

GET /ip/ipsec/installed-sa

idle

—

Response

// Klik "Run all tests" untuk test koneksi ke vpn.pantaujaringan.id

Koneksi VPN server

Host / domain

Port HTTPS

IP publik

45.32.108.20

SSL certificate

Let's Encrypt · valid 89 hari

Expires

17 Jul 2026

RouterOS

7.12.1 (stable)

Board

CHR · x86_64 · Intel

Kredensial REST API

Username

Password

Auth method

HTTP Basic Auth

Group policy

read · api

SSL verify

Base URL

/mikrotik/rest

IPSec profile — Phase 1

Profile name

primacom-p1

Exchange mode

IKEv2

Hash algorithm

Enc algorithm

DH group

Lifetime

DPD interval

DPD max failures

IPSec proposal — Phase 2

Proposal name

primacom-p2

Auth algorithms

Enc algorithms

PFS group

Lifetime

Peer hub config

Peer name

primacom-hub

Address

0.0.0.0/0 (accept all)

Mode

passive=yes · responder

Send initial contact

no

Node-RED collector

Node-RED URL

Poll interval

Endpoint polling

/rest/ip/ipsec/active-peers

InfluxDB bucket

InfluxDB org

Alert trigger

Fonnte token

NOC WA number

Informasi sistem (live)

Uptime

—

CPU load

—

Free memory

—

Free disk

—

Architecture

x86_64

Platform

MikroTik CHR

Version

7.12.1 (stable)

Build time

Nov/17/2023 11:38:45