Hello, I use ether1 as internet connection and I have a pptp connection which has the interface name pptp-out 1. I want my hotspot users to use internet via pptp-out 1. I add pptp-out 1 as default route but my hotspot users still connect internet via ether1. I added a masquerade with the only rule of out interface pptp-out 1. My customers still use intenet via ether1. What is my mistake? What else should I do?
PS: The internet works perfectly with pptp-out 1. I can ping anywhere with pptp-out 1 interface.
You need to do policy routing, marking the Hotspot packets to go out via a different gateway.
You didn’t post many details, so the below assumes that the pptp-out interface has an interface IP address of 1.1.1.2/30 and the other side is 1.1.1.1/30 (so 1.1.1.1 is the gateway for that network). It also assumes that the Hotspot interface is called ether2.
You need to leave the masquerade rule on the pptp-out interface, and remove whatever other additional routes you installed to make this work. To make things explicit, set the distance on your normal default route to 10.
That way the policy route “to_pptp-out” fires for all packets marked specifically by you to use that route, everything else falls through to the normal default route and goes out ether1.