:local curTime [/system clock get time] :local curHour [:pick $curTime 0 2]
:log info "PPP DOWN: $user disconnected from $interface"
:if ($user = "branch-office-01") do= /ip route remove [find comment="Route for Branch 01"]
:if ($user = "branch-office-01") do= /ip route add dst-address=192.168.50.0/24 gateway=$remote-address comment="Route for Branch 01" mikrotik ppp profile script
/ip firewall filter add chain=input src-address=$remote-address dst-address=$rdpTarget dst-port=3389 protocol=tcp action=accept comment="$comment" :log info "Opened RDP for $user from $remote-address"
Place this logic in the on-up script:
:local rdpTarget "10.10.10.50" :local comment "VPN-RDP-$user" :local curTime [/system clock get time] :local curHour
: Send custom alerts via email, Telegram, or log entries containing the user's name, assigned IP, and connection time. DNS Automation : Dynamically create DNS static entries for VPN clients so they can be reached by a hostname (e.g., ://yourdomain.com ) while connected. Queue Customization
Then watch logs: /log print follow where topics~"script"
:if ([:len $user] > 0 && $user ~ "^[a-zA-Z0-9_-]+$") do= ... mikrotik ppp profile script
/ip route remove [find comment="VPN-$user"]
/ip firewall address-list remove [find list="ppp-active" address=$remote-address]