2 LAN and 2 WAN

RouterOS General
1

Hi guys, I am very new to Mikrotik. I have some problem. I have 2 LAN and 2 WAN as picture below:

As you can see LAN 1 will use WAN 1 and LAN 2 will use WAN 2. But I cant connect between these 2 LANs. Here is my configuration:

/ip firewall mangle
add action=mark-connection chain=prerouting disabled=no new-connection-mark=wan1 passthrough=yes src-address=192.168.0.0/24
add action=mark-routing chain=prerouting connection-mark=wan1 disabled=no new-routing-mark=wan1 passthrough=yes src-address=192.168.0.0/24

add action=mark-connection chain=prerouting disabled=no new-connection-mark=wan2 passthrough=yes src-address=192.168.1.0/24
add action=mark-routing chain=prerouting connection-mark=wan2 disabled=no new-routing-mark=wan2 passthrough=yes src-address=192.168.1.0/24


/ip firewall nat
add action=masquerade chain=srcnat disabled=no src-address=192.168.0.0/24
add action=masquerade chain=srcnat disabled=no src-address=192.168.1.0/24


/ip route 
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.10.10.1 routing-mark=wan1 scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.1.1.1 routing-mark=wan2 scope=30 target-scope=10
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=10.10.10.1 scope=30 target-scope=1

What should I do to connect between these 2 LAN. Your thought and advise is highly appreciated. Thank you!

2

bump…

3

your LAN subnets will be marked in mangle with wan1 and wan2 because you are mangleing only by source address, so when mirkotik need to decide where to route the traffic it will look into the routnig table and search the right routing mark, and it will pass to wan1 or wan2… you must exclude traffic between your local subnets to be marked at all… two ways: mangle rules at the top:

  1. src-addd 192.168.0.0824 dst-addr 192.168.1.0/24 accept
  2. src-addd 192.168.1.0824 dst-addr 192.168.0.0/24 accept

or picture below which means any destination which is not local address
Untitled.png

4

Thank you so much man! That is very helpful!

5

I have the same issue, can u please write the commands in brief how to enable traffic between lan1 and lan2 locally ?