2 MTs, 2 ISP, Dst-nat to 1 local IP

Hi,
I have 2 RouterBOARDs connected to 2 ISPs. A local computer at x.x.x.118 has TCP port 5900 dst-natted at MT 1 to accept VNC connections. But the gateway on the computer is x.x.x.1, not x.x.x.2, so it can't accept connections on the dst-nat port at MT 2. I have tried to make a dst-nat at MT2 to port 5900 at the ISP IP of MT1, which I routed at MT2 to use gateway x.x.x.1. I see that the packets are transmitted at both routers, but I can't establish a connection. What am I missing, and how is it possible to accept incoming connections at both ISPs to a local PC? Thanks!

It is possible to do what you want using various tunnels and such, but why not make it simpler and just put your 2 upstream interfaces on the same Mikrotik? If they are not in the same location, then you will have to build tunnels or use a combination of src-nat and dst-nat (which may be an easier solution) to make it work.

The main reason I separated the upstreams was that I couldn't manage to make 2 local IPs like x.x.x.1 and x.x.x.2, each one being a gateway to a specific ISP. By tunnels, do you mean an ipip tunnel? Thanks!

To separate traffic to the 2 upstreams, you can use policy routing:
http://blog.butchevans.com/2008/09/mikrotik-policy-routing-implementation-example/ is one tutorial. You can “automate” the route selection with PCC: http://wiki.mikrotik.com/wiki/PCC or you can use many other methods listed in the wiki to move traffic from the LAN onto the different ISP upstreams.

As for the tunnels, you can use ipip, pptp, l2tp or even pppoe tunnel to move the traffic. Tunnel would run between the 2 mikrotik routers, or from the host you are trying to nat to the one with the dst-nat rule. The host would be best, but making that work would depend on your ability to configure that option on the host, since the natted traffic would have to be moved out a different gateway. The difficulty there is that you could run into the same issue you have now. Tunnel between the 2 mikrotik devices would solve at least THAT part of the issue, because you can use connection tracking in the second MT to properly route traffic using policy routing. :wink:
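The src-nat plus dst-nat combination suggested earlier in the thread, written out for MT2 as an added example that was not posted by any participant. The interface names `ether1-isp2` and `bridge-lan` are assumptions, and 192.168.88.0/24 is a constructed stand-in for the poster's x.x.x.0/24 LAN.

```routeros
# Added example for MT2, the router whose LAN address (x.x.x.2) is NOT the
# PC's default gateway. Assumed names and addresses, not from the thread:
#   ether1-isp2      WAN port towards ISP 2
#   bridge-lan       LAN port shared with MT1 and the PC
#   192.168.88.2     MT2's LAN address   (x.x.x.2 in the thread)
#   192.168.88.118   the VNC host        (x.x.x.118 in the thread)

/ip firewall nat
# 1. Forward VNC sessions arriving from ISP 2 to the PC.
add chain=dstnat in-interface=ether1-isp2 protocol=tcp dst-port=5900 \
    action=dst-nat to-addresses=192.168.88.118 to-ports=5900 \
    comment="VNC in via ISP2"

# 2. Rewrite the source to MT2's own LAN address. The PC then sees an
#    on-link peer and answers MT2 directly instead of sending the reply
#    to its default gateway (MT1), which has no connection-tracking
#    entry for the session and cannot reverse the dst-nat.
add chain=srcnat out-interface=bridge-lan protocol=tcp \
    dst-address=192.168.88.118 dst-port=5900 \
    action=src-nat to-addresses=192.168.88.2 \
    comment="Force VNC replies back through MT2"

# Check: while a client connects through ISP 2, the tracked connection
# should show both translations on MT2.
/ip firewall connection print where dst-address~":5900"
```

With the src-nat rule in place, the PC sees every ISP 2 session as coming from MT2's LAN address, so the VNC host's own logs and per-source allow lists no longer show the real client. Restrict and log by client address on MT2 itself, for example with `src-address` or `src-address-list` on the dst-nat rule.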