I have a network with 2 WAN connections from ISP. Now client asks that WAN1 go for LAN1 and WAN2 go for LAN2. But users on LAN2 have to see the server on one address. What is the best option?
Just do PBR (Policy Based Routing) and you’re good to go. https://help.mikrotik.com/docs/display/ROS/Policy+Routing
First of all, let's be as clear as possible about the requirements.
Traffic does not originate from the WAN for the most part.
So the requirements from the Client are
a. All users/devices from LAN1 should go out to the internet via WAN1
b. All users/devices from LAN2 should go out to the internet via WAN2
What is not clear is this business about seeing the server on one address??
That could mean so many things.
Explain this in much greater detail please.
Yes this is true.
So what the client asks is that one subnet goes through WAN1 to the internet and subnet two goes through WAN2. I managed to do this through routing and policy, but when I try to ping the Windows server that is on subnet 1 from subnet 2, I can't reach it.
When you are willing to cooperate, we can help; little tidbits of information are not all that helpful.
a. draw network diagram
b. list FULL requirements.
   a. identify user(s)/device(s) / groups of users/devices
   b. identify all the traffic flows they require to accomplish.
Then provide full config export:
/export file=anynameyouwish ( minus router serial number and any public WANIP information )
If you have added a routing rule using a new routing table, make sure you have a copy of the connected route to subnet 2 in the new table.
Also make sure that it is not caught by any outgoing src-nat rule when going to subnet 2.
Try this:
/ip firewall address-list
add address=192.168.88.9 list=myServer
/ip firewall mangle
add action=mark-connection chain=prerouting dst-address-list=!myServer in-interface=vlan2 new-connection-mark=wan2-conn passthrough=yes
Use an address-list so that traffic to the server does not go into the policy, and let the main route table do its job.
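
An added example, not part of any post in this thread: one RouterOS v7 layout that follows the advice above about keeping LAN-to-LAN traffic on the main table and out of src-nat, using routing rules instead of mangle marks. The interface names, the LAN2 subnet, the gateway addresses and the table name `to-wan2` are assumptions; only the server address 192.168.88.9 comes from the thread.

```routeros
# Assumed layout (placeholders, adjust to the real network):
#   ether1 = WAN1, gateway 203.0.113.1
#   ether2 = WAN2, gateway 198.51.100.1
#   LAN1   = 192.168.88.0/24 (contains the server 192.168.88.9)
#   LAN2   = 192.168.89.0/24

# Extra routing table that only knows the WAN2 default route.
/routing table
add name=to-wan2 fib

/ip route
# Main table: default route via WAN1, used by LAN1 and by the router itself.
add dst-address=0.0.0.0/0 gateway=203.0.113.1 comment="default via WAN1"
# to-wan2 table: default route via WAN2, used only where a rule selects it.
add dst-address=0.0.0.0/0 gateway=198.51.100.1 routing-table=to-wan2 comment="default via WAN2"

# Rules are evaluated top to bottom; the first match wins.
/routing rule
# 1. LAN2 -> LAN1 (including the server) stays on the main table, where the
#    connected route to 192.168.88.0/24 lives. Without this rule the packet
#    is looked up in to-wan2, finds only the default route, and leaves via WAN2.
add src-address=192.168.89.0/24 dst-address=192.168.88.0/24 action=lookup-only-in-table table=main comment="LAN2 to LAN1 stays local"
# 2. Everything else from LAN2 uses the WAN2 table.
add src-address=192.168.89.0/24 action=lookup table=to-wan2 comment="LAN2 internet via WAN2"

# Source NAT only on the WAN interfaces, so traffic routed between the
# two LANs keeps its original source address.
/ip firewall nat
add chain=srcnat out-interface=ether1 action=masquerade comment="NAT out WAN1"
add chain=srcnat out-interface=ether2 action=masquerade comment="NAT out WAN2"
```

The forward chain of the firewall filter still has to permit LAN2 to reach the server, and the Windows server's own firewall must accept ICMP from the other subnet for the ping test to succeed.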