Hi,
I need some help with my 2 WAN Load Balancing using PCC method running 5.18 ver. I have no access to the MT router from 192.168.100.0/24 and 192.168.200.0/24 subnets, BUT I have no problem to login into the MT router using winbox, webfig from LAN side of MT router 192.168.20.0/24. It seems all ports are close winbox, webfig on wan side. I can not even ping the router from WAN side either from 192.168.100.0/24 or from 192.168.200.0/24.subnet.
wan1 192.168.100.254 > It is a DMZ host on first ADSL router
wan2 192.168.200.254 > It is a DMZ host on second ADSL router
Local: 192.168.20.1
I have these nat rules:
add action=dst-nat chain=dstnat comment="GW webinterface port mapaing " \
disabled=no dst-port=90 protocol=tcp to-addresses=192.168.20.1 to-ports=\
90
add action=dst-nat chain=dstnat comment="Winbox Port Mapping 8292" disabled=\
no dst-port=8292 protocol=tcp to-addresses=192.168.20.1 to-ports=8292
BUT WHEN I CHANGE THE ROUTING MARKS FROM "to_ether4" to "main" and "to_ether4" to "main" I am able to access the router from WAN side either from 192.169.100.0/24 and 192.168.200.0/24 subnets or from public IP addresses from two ADSL modems.
ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.200.1 routing-mark=to_ether4
target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.100.1 routing-mark=to_ether5
target-scope=10
add check-gateway=ping disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=192.168.200.1,192.168.100.1 scope=3
target-scope=10
I hope somebody will point me in right direction.
Thank you
Alex