Community discussions

MikroTik App
 
DavidJana
just joined
Topic Author
Posts: 3
Joined: Fri Aug 03, 2012 12:15 pm

No access from WAN side on MT WAN PCC Load Balancing

Sat Aug 04, 2012 10:28 am

Hi,

I need some help with my 2 WAN Load Balancing using PCC method running 5.18 ver. I have no access to the MT router from 192.168.100.0/24 and 192.168.200.0/24 subnets, BUT I have no problem to login into the MT router using winbox, webfig from LAN side of MT router 192.168.20.0/24. It seems all ports are close winbox, webfig on wan side. I can not even ping the router from WAN side either from 192.168.100.0/24 or from 192.168.200.0/24.subnet.

wan1 192.168.100.254 > It is a DMZ host on first ADSL router
wan2 192.168.200.254 > It is a DMZ host on second ADSL router
Local: 192.168.20.1

I have these nat rules:


add action=dst-nat chain=dstnat comment="GW webinterface port mapaing " \
disabled=no dst-port=90 protocol=tcp to-addresses=192.168.20.1 to-ports=\
90
add action=dst-nat chain=dstnat comment="Winbox Port Mapping 8292" disabled=\
no dst-port=8292 protocol=tcp to-addresses=192.168.20.1 to-ports=8292

BUT WHEN I CHANGE THE ROUTING MARKS FROM "to_ether4" to "main" and "to_ether4" to "main" I am able to access the router from WAN side either from 192.169.100.0/24 and 192.168.200.0/24 subnets or from public IP addresses from two ADSL modems.


ip route
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.200.1 routing-mark=to_ether4
target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.100.1 routing-mark=to_ether5
target-scope=10
add check-gateway=ping disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=192.168.200.1,192.168.100.1 scope=3
target-scope=10

I hope somebody will point me in right direction.

Thank you
Alex

Who is online

Users browsing this forum: Bing [Bot], Google [Bot], GoogleOther [Bot] and 67 guests