Dual wan, not failower, Not load balance.
When disable this nat
Code: Select all
/ip firewall nat
add action=masquerade chain=srcnatCode: Select all
# RouterOS 7.13.4
# model = CCR2116-12G-4S+
/interface ethernet
set [ find default-name=ether1 ] comment=ISP-1
set [ find default-name=ether2 ] comment=ISP-2
set [ find default-name=ether4 ] comment=TR-2
set [ find default-name=ether5 ] comment=TR-3
set [ find default-name=ether11 ] comment="Old Network"
/interface vlan
add interface=ether4 name="LAN - Network" vlan-id=101
add interface=ether5 name="Mobile - Network" vlan-id=103
add interface=ether5 name="WLAN - Network" vlan-id=102
/ip pool
add name=LAN-Pool ranges=10.10.12.100-10.10.13.254
add name=WLan-Pool ranges=10.10.9.2-10.10.9.254
add name=Mobile-Pool ranges=10.0.0.2-10.0.1.254
/ip dhcp-server
add address-pool=LAN-Pool interface="LAN - Network" lease-time=8h name=LAN-DHCP relay=10.10.12.1
add address-pool=WLan-Pool interface="WLAN - Network" lease-time=8h name=WLAN-DHCP
add address-pool=Mobile-Pool interface="Mobile - Network" lease-time=8h name=Mobile-DHCP
/routing table
add disabled=no fib name=ISP-2
add disabled=no fib name=ISP-1
/ip address
add address=10.0.0.1/23 interface="Mobile - Network" network=10.0.0.0
add address=10.10.9.1/24 interface="WLAN - Network" network=10.10.9.0
add address=ISP-2-ip interface=ether2 network=ISP-2-ip
add address=ISP-1-ip interface=ether1 network=ISP-1-ip
add address=192.168.0.254/16 interface=ether11 network=192.168.0.0
add address=172.16.10.1/30 interface="LAN - Network" network=172.16.10.0
/ip dhcp-server network
add address=10.0.0.0/23 dns-server=8.8.8.8,8.8.4.4 gateway=10.0.0.1
add address=10.10.9.0/24 dns-server=192.168.1.105,192.168.1.101,192.168.1.102 gateway=10.10.9.1
add address=10.10.12.0/23 dns-server=192.168.1.105,192.168.1.101,192.168.1.102 gateway=10.10.12.1
/ip dns
set servers=8.8.8.8,8.8.4.4
/ip firewall nat
add action=dst-nat chain=dstnat comment=Exchange dst-address=ISP-2-ip dst-port=443 protocol=tcp to-addresses=192.168.1.44 to-ports=443
add action=dst-nat chain=dstnat comment=KSMG dst-address=ISP-2-ip dst-port=25 protocol=tcp to-addresses=192.168.1.53 to-ports=25
add action=masquerade chain=srcnat out-interface=ether2 src-address=192.168.0.0/16
add action=masquerade chain=srcnat out-interface=ether1 src-address=192.168.0.0/16
add action=masquerade chain=srcnat out-interface=ether2 src-address=10.10.9.0/24
add action=masquerade chain=srcnat out-interface=ether1 src-address=10.10.9.0/24
add action=masquerade chain=srcnat out-interface=ether2
add action=masquerade chain=srcnat out-interface=ether1
add action=masquerade chain=srcnat
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=ISP-2-ip pref-src="" routing-table=ISP-2 scope=30 suppress-hw-offload=no target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=ISP-1-ip pref-src="" routing-table=ISP-1 scope=30 suppress-hw-offload=no target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=ISP-2-ip pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10
/routing rule
add action=lookup disabled=no dst-address=10.10.12.0/23 table=main
add action=lookup disabled=no dst-address=10.10.9.0/24 table=main
add action=lookup disabled=no dst-address=192.168.0.0/16 table=main
add action=lookup disabled=no src-address=192.168.1.160/32 table=ISP-1
add action=lookup disabled=no src-address=10.10.12.0/23 table=ISP-1
add action=lookup disabled=no src-address=10.10.9.0/24 table=ISP-1
add action=lookup disabled=no src-address=10.0.0.0/23 table=ISP-1
